www.kold.com Open in urlscan Pro
2a02:26f0:3500:12::1730:178a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tucsonnewsnow.com/
Effective URL:
https://www.kold.com/
Submission: On September 12 via api (September 12th 2022, 1:12:47 pm UTC) from US — Scanned from DE

Summary HTTP 274 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 72 IPs in 9 countries across 55 domains to perform 274 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:178a, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.kold.com. The Cisco Umbrella rank of the primary domain is 351306.
TLS certificate: Issued by R3 on August 19th 2022. Valid for: 3 months.

This is the only time www.kold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2a02:26f0:350... 2a02:26f0:3500:12::1730:178a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
2	52.222.214.127 52.222.214.127	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:7000:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:497c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.36.162.26 23.36.162.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.7.195.165 52.7.195.165	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1901:0:3... 2600:1901:0:3b3e::1	15169 (GOOGLE) (GOOGLE)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
10	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:586::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	52.217.33.182 52.217.33.182	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:0:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.195.113.55 44.195.113.55	14618 (AMAZON-AES) (AMAZON-AES)
2	185.59.220.193 185.59.220.193	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700:303... 2606:4700:3032::ac43:a9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::864:1	200325 (BUNNYCDN) (BUNNYCDN)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:981::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:c... 2600:1901:0:ccb0::1	15169 (GOOGLE) (GOOGLE)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
17	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
3 19	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
15	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3 6	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
3 9	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 6	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
4 4	162.19.80.91 162.19.80.91	16276 (OVH) (OVH)
3	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	18.157.110.72 18.157.110.72	16509 (AMAZON-02) (AMAZON-02)
1	3.126.157.114 3.126.157.114	16509 (AMAZON-02) (AMAZON-02)
2 3	23.75.246.168 23.75.246.168	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
7	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
9	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	52.18.161.218 52.18.161.218	16509 (AMAZON-02) (AMAZON-02)
1	34.208.243.53 34.208.243.53	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	141.226.230.50 141.226.230.50	200478 (TABOOLA-AS) (TABOOLA-AS)
274	72

9 2a02:26f0:3500:12::1730:178a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.tucsonnewsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:6c00::210:bb59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-kold-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-127.fra56.r.cloudfront.net

www.burst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:7000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-26.deploy.static.akamaitechnologies.com

webpubcontent.raycommedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.7.195.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-195-165.compute-1.amazonaws.com

www.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:3b3e::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:586::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.33.182 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:0:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.113.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-113-55.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-601.bunnyinfra.net

staticcdn.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::864:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdnmetv.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:981::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:ccb0::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

operationchicken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.182.161 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.80.91 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.110.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-110-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.157.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-157-114.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.246.168 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.161.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-218.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 329 acdn.adnxs.com — Cisco Umbrella Rank: 876 cdn.adnxs.com — Cisco Umbrella Rank: 1968 ams3-ib.adnxs.com — Cisco Umbrella Rank: 5117	199 KB
31	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	240 KB
25	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 755 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709 r.casalemedia.com — Cisco Umbrella Rank: 1020 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	18 KB
19	googlesyndication.com ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174 pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	452 KB
18	arcpublishing.com gray-kold-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 563650	787 KB
17	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 713 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702 image6.pubmatic.com — Cisco Umbrella Rank: 891 t.pubmatic.com — Cisco Umbrella Rank: 5050	140 KB
14	piano.io api-esp.piano.io — Cisco Umbrella Rank: 16042	114 KB
12	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1042 trc.taboola.com — Cisco Umbrella Rank: 918 images.taboola.com — Cisco Umbrella Rank: 1875 pips.taboola.com — Cisco Umbrella Rank: 397303 cds.taboola.com — Cisco Umbrella Rank: 2547	210 KB
9	metv.com www.metv.com — Cisco Umbrella Rank: 113391 staticcdn.metv.com — Cisco Umbrella Rank: 197940 cdnmetv.metv.com — Cisco Umbrella Rank: 160887	174 KB
8	kold.com www.kold.com — Cisco Umbrella Rank: 351306	622 KB
7	adnxs-simple.com crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 5032 acdn.adnxs-simple.com — Cisco Umbrella Rank: 3705	53 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	59 KB
6	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 415	4 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	243 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	263 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 942 cdn.indexww.com — Cisco Umbrella Rank: 2169	6 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	2 KB
4	dyntrk.com 4 redirects gu.dyntrk.com — Cisco Umbrella Rank: 2124	2 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 486	1 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	217 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1924	1 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 223	3 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1628 mab.chartbeat.com — Cisco Umbrella Rank: 3129	25 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	102 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 2172	15 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1307	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5202 www.google.de — Cisco Umbrella Rank: 3469	1 KB
2	operationchicken.com operationchicken.com — Cisco Umbrella Rank: 35796	723 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120	34 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	78 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1818 c.go-mpulse.net — Cisco Umbrella Rank: 733	50 KB
2	reconditerespect.com reconditerespect.com — Cisco Umbrella Rank: 44152	33 KB
2	queryly.com www.queryly.com — Cisco Umbrella Rank: 16338	9 KB
2	burst.com www.burst.com — Cisco Umbrella Rank: 58188	13 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 4174	212 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2151	336 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2435	637 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 949	177 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 420	220 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 951	191 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1399	44 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 691	507 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 419	125 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 2188	307 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	16 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1356	201 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 791	466 B
1	amazonaws.com s3.amazonaws.com	561 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 976	29 KB
1	raycommedia.com webpubcontent.raycommedia.com — Cisco Umbrella Rank: 225829	782 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 2107	417 B
1	tucsonnewsnow.com 1 redirects www.tucsonnewsnow.com	328 B
0	rlcdn.com Failed api.rlcdn.com Failed
0	simpli.fi Failed tag.simpli.fi Failed
274	55

	Domain	Requested by
22	securepubads.g.doubleclick.net	www.kold.com securepubads.g.doubleclick.net ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com www.googletagservices.com acdn.adnxs-simple.com
18	gray-kold-prod.cdn.arcpublishing.com	www.kold.com gray-kold-prod.cdn.arcpublishing.com
17	ib.adnxs.com	ads.pubmatic.com acdn.adnxs.com
14	api-esp.piano.io	www.kold.com code.jquery.com api-esp.piano.io
12	dsum-sec.casalemedia.com	3 redirects r.casalemedia.com
9	t.pubmatic.com	www.kold.com ads.pubmatic.com
9	tpc.googlesyndication.com	ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	acdn.adnxs.com	ads.pubmatic.com www.kold.com crcdn01.adnxs-simple.com acdn.adnxs-simple.com
8	pagead2.googlesyndication.com	www.googletagservices.com acdn.adnxs-simple.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	www.kold.com	www.kold.com
7	ams3-ib.adnxs.com	ads.pubmatic.com www.kold.com cdn.adnxs.com acdn.adnxs-simple.com
7	htlb.casalemedia.com	ads.pubmatic.com
6	crcdn01.adnxs-simple.com	acdn.adnxs.com crcdn01.adnxs-simple.com acdn.adnxs-simple.com
6	s.amazon-adsystem.com	3 redirects r.casalemedia.com
6	cm.g.doubleclick.net	3 redirects r.casalemedia.com
6	s0.2mdn.net	www.kold.com s0.2mdn.net
6	www.googletagservices.com	ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.metv.com www.google-analytics.com api-esp.piano.io www.kold.com
6	cdn.taboola.com	www.kold.com cdn.taboola.com
4	gu.dyntrk.com	4 redirects
4	match.adsrvr.org	r.casalemedia.com ads.pubmatic.com
4	www.google.com	www.kold.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	hbopenbid.pubmatic.com	ads.pubmatic.com
4	cdnmetv.metv.com	www.metv.com
4	www.googletagmanager.com	www.kold.com www.googletagmanager.com
3	px.owneriq.net	2 redirects r.casalemedia.com
3	cdn.indexww.com	r.casalemedia.com
3	r.casalemedia.com	js-sec.indexww.com
3	ssum-sec.casalemedia.com	3 redirects
3	js-sec.indexww.com	ads.pubmatic.com
3	trc.taboola.com	cdn.taboola.com
3	sb.scorecardresearch.com	cdn.taboola.com www.kold.com
3	ads.pubmatic.com	www.kold.com ads.pubmatic.com
3	www.metv.com	www.kold.com
3	cdnjs.cloudflare.com	www.kold.com cdnjs.cloudflare.com
2	i.clean.gg	acdn.adnxs-simple.com
2	cdn.adnxs.com	ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	operationchicken.com	reconditerespect.com
2	use.fontawesome.com	www.metv.com use.fontawesome.com
2	staticcdn.metv.com	www.metv.com
2	mug.criteo.com	www.kold.com
2	gum.criteo.com	1 redirects
2	reconditerespect.com	www.kold.com
2	www.queryly.com	www.kold.com
2	static.chartbeat.com	www.kold.com
2	www.burst.com	www.kold.com www.burst.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	id.sharedid.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	acdn.adnxs-simple.com	ads.pubmatic.com
1	fonts.googleapis.com	client
1	ums.acuityplatform.com	1 redirects
1	sync-tm.everesttech.net	r.casalemedia.com
1	x.bidswitch.net	r.casalemedia.com
1	pixel-sync.sitescout.com	r.casalemedia.com
1	match.deepintent.com	r.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	ups.analytics.yahoo.com	r.casalemedia.com
1	sync.adotmob.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	www.google.de	www.kold.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	c.go-mpulse.net	s.go-mpulse.net
1	images.taboola.com	www.kold.com
1	ajax.googleapis.com	www.metv.com
1	ping.chartbeat.net	www.kold.com
1	static.adsafeprotected.com	reconditerespect.com
1	s3.amazonaws.com	www.kold.com
1	mab.chartbeat.com	static.chartbeat.com
1	code.jquery.com	api-esp.piano.io
1	s.go-mpulse.net	www.kold.com
1	webpubcontent.raycommedia.com	www.kold.com
1	polyfill.io	www.kold.com
1	www.tucsonnewsnow.com	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
0	tag.simpli.fi Failed	www.googletagmanager.com
274	84

This site contains links to these domains. Also see Links.

Domain
grow.withgray.tv
www.graytvlocal.com
www.theazweekend.com
www.tep.com
www.fox.com
www.mynetworktv.com
www.cbs.com
recruiting.ultipro.com
www.circleallaccess.com
www.investigatetv.com
www.graydc.com
www.vuit.com
www.facebook.com
www.twitter.com
fragebogen.geers.de
popup.taboola.com
publicfiles.fcc.gov
webpubcontent.gray.tv
www.queryly.com

Subject Issuer	Validity	Valid
gray3.web.arc-cdn.net R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2021-11-29` - `2022-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
burst.com Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
star2.arcpublishing.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
metv.com Amazon	`2022-06-18` - `2023-07-17`	a year	crt.sh
reconditerespect.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
staticcdn.metv.com R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
cdnmetv.metv.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
operationchicken.com R3	`2022-09-07` - `2022-12-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-24` - `2023-02-15`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.kold.com/
Frame ID: AED76F6D689251D1AB937E19A42DF6D1
Requests: 139 HTTP requests in this frame

Frame: https://www.metv.com/affiliatedwidget?market=71
Frame ID: B6197ED3346CC4A79379318808ECFA3F
Requests: 1 HTTP requests in this frame

Frame: https://www.metv.com/affiliatedwidget?market=71
Frame ID: C820EE042EBE040014176BCBE4CDA380
Requests: 11 HTTP requests in this frame

Frame: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 565A32605E49C13C2D7465C0E660524C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 79212BF7EF0F3A3F8E02FF33A8E48D6C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 399F12325465A1B415BC6F270C3184D9
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B734E25FFAC7DDAF3F0812B92723E868
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5C91CE302476D247F4474F5E8C497A21
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7832810753409244CFCAAE2756D69A7A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 378640174C3847469661E665E4B7E48F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: CF68699E4EACB192B3F5E6E36C9DB08F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 2B8D6813741A31EC73173AAC16E86B87
Requests: 1 HTTP requests in this frame

Frame: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8D4CFF3438C1473D88E0D19F9EC4A3E
Requests: 8 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B5CC66372CEE6630A73A1D16AEB5A4FF
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 66484AB553703443542E10E4A45B5E4B
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 48FAD02852AE2D4B6D2AC94C173D8013
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcEJtj_tDkAbtdw9dmYbD4o-XBvvl9rKpC2xNH9l3F4feACnvDxYqSzwph0ZPC4ocF3R8ljxmFQ_ucw5YWPfYrlMpWtYgOMsNROFf48HA74t0K1UPKZBPBzGpI8xAGQpeCiZohCPTG49nlzWuLuCBeCKzC_Z0DsCUk9S--v-28hhfqThIh-ODisWuDuVSikht36NtXYoYaqlJobtcc0NWRI7PdJxLvkMHlK9dQAPUl7IhktimjL_mNsI379ANx5A8oKBYdyWScleM_MFGvJy84hjvJKR5KTXCHaWFSKrtEQ1PuyZz4OZCS3GulC5lqsneo6g&sai=AMfl-YQ6U4BL67B-tUm207mKXb8pkxmXNb7Igj4G3OGWmWFh9XYxbP2uceHWKjFYNGV1CpwGvxwA5Fslh1Byqq650coLK-tP1t5VWtRBGllJZkRC9_FSynQ1RjFsmfTKoA&sig=Cg0ArKJSzBYSg_-kmOFPEAE&uach_m=[UACH]&adurl=
Frame ID: 485703A5F816C69853DC10ED378FB347
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkG_AXomwj3K4cUazgq8cohMSnhCJ8Pt91Ipa5MGsQcP_MA9Euek5DPGNG_JEnc-TRdsbIKdqbI4d62Q7mawBuUzOTjBBFfrq3ikaXrTNEinmhqCLqJlvka9SuM6dJBErHp1ilbFJeH872RATs846WOm5sEAp49U1HsfYdntWpRrfZTEzhjSmftMBMxXBbBVPE_tydHQAcdn4JF6UkFPVS3qNq5nP2BLIGljHtLhNDB6Lur67wbJRyMcjjzoUKfyB0oGgVWv1uLDUR0KFUsrknjtR-W4ChwxHc2t3ihQmqNeHzpnBtTCpkAMeNT_lEBTBD1w&sai=AMfl-YTkJXP_3zYDpl-nZxkCpKFjAcVgdBvsFoMdgVuTuHQObOuwNMe6w8BWw5NtGuCxuJTiZW466FrZ7UYmpf_9KzpgJeiyKElNEzfb9oj-lBuCRHAyJK3FfH2ZR39veWc&sig=Cg0ArKJSzA2xpbleIQNTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6812CD99D855EBC3FD23A7A200CB7F92
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRQOG1Y6JF5hCcRVld2lDQLWJFBfHNdxwxPL9jA0fulXCCqX2OyJWrGvo1SN-upIx8U_yn3s6nYnUgU_OSVMX7hAcCMuBTry_HDCAJtIz5IYdm8hI3yuQaN6c6qioH-OmtB3s6PUyolw87JIRdkGXdPvtZafkQilwESgwJ0OkpkZvsdAjP6IwsDPUZRig78a_YlpQbGPAvJ0AuCmspg-H_KXSbbetaaLJJExc-Zlf8wAgnsk5KbS2p6oSB1c4uiAAE3aMLkWwLJQU7Wd7I2xJu5l0rXzKBKNgOocyiJL6AL86vjC70TH8cSz3rTk_itn6uFTgJRk01aSSqzCEtMoNaxAhV547Toz9KlVBiOVOwGQf2WiPOpdnII1Q&sai=AMfl-YTpaS3QEH86qiEZwiNiJFrcjzOcBc_CLmWhuqTNx7v7FwvVhnqeBt7FoWQfKRxC7TGaJXGsl6fa5vpzunrh3utv8twh-ajem4jePv8zulkAG_TsephEQraGKC-i6dc&sig=Cg0ArKJSzAGX3rR4if_hEAE&uach_m=[UACH]&adurl=
Frame ID: 3874EAE8E5058C50AA18EE5800EEBB70
Requests: 8 HTTP requests in this frame

Frame: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
Frame ID: F38D724286E42A10C6A860D3B4432F1D
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC4jBs3gEtGV5Bm_9ttO_w5VfVpD2VhNAYx32ar5WYwVnYOcYx_CzKfXe7Xle2U8nQ01Oh285WiREbsV7UDZmc0nrLufeqJL7FzW_PeqMV5b9-r24iRX8oLHNW3yGwaDVPwJ0sGBRaatC2IREzq16YL8kczQ1miG_ornbNWs49YuyAsv3JWxpvidbKoKdp0OQrxZO2thaFldAiATE-9MXmhzIcnixsB8eYE5L5jUlcj5-f91jLZgcw408nnNkUtGEXiVMFEFxeAL-Z5qzi3F8ORci2n1iUnJnfC2EMlY-equ98zNg9Jn6bKqNSvQRsDH17AnNTPg&sai=AMfl-YTX4y-i4HInb4pXTfW6gxOVhCy1MxfNI3NfirQtRbOzy3GaVd8YPVm8l4Z1PMAXsTKGTW0ebXfSreVNOdmUJ2wcFZoV5C2ea2ao3jfW2whPNaCNM8vJNhweaBrNB9A&sig=Cg0ArKJSzMKyK7P31CZQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FF786B673F941FC8F75DF6D61F3021D4
Requests: 9 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWPyQ1Qf_ufSkkzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAABCbjMQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_hOHlQjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwMDZAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDA2%2Fbn%3D96428%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGKTqhPrvvd-UJCIMMzcuNTguNTguMjQ4MMfg_JgG
Frame ID: 7069DC552E549ECF6BB33074C5FD386A
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561
Frame ID: 9BC4B9A806E7D6AFAE2DA98398237238
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=RrgT1ZETeE&t=1&renderingType=2
Frame ID: 188B6917F40249BDA8876085733146DD
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYfOZGFZNWAVhkMFaVdr9dfAJqz5RqV9nRdnDAc2hgiD1nxU-YlG8DUFNCV-YoDRu4pagmNy53LPzC6UrSB5zhwLQaPwcqWhHk_dTPX1wuWxzltN_IspqBm8a8u2rcfLo4jL-DEdPeZ6THB1G_z9i6vF3IrMO4SjazoDFbQ2uOkqaZ2c1IWnd4VLpQSbBiCLvMOTn7yytZZmy3pA-qXvg2OthFixTlQH3TriUJbYiiQtU0qa_WNJHc3oRLawMxnJR8Ymc3d_C4xZbxGQKnislrPvE5XlC_6zJv3-8enLqIwFgy469KiOWjAcw1ak6L1yupcGMjjzqiPYsy80GKKJ5V8Das&sai=AMfl-YTBPHTJxI7iBQ5GdKUcoydZbUrFjtTMCPgGzSBFfDqelqrAw0CvBsEI8QOIhpIxA7T4Q3EHO05q7b1OvSNGZhcamcAigYqJtSDGXzeVKAwlMLHkhRNrOko2EjyHvzw&sig=Cg0ArKJSzF5qPYdSLHsTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BA6707EE60BCD87EBF802ADCAC2018DF
Requests: 13 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWP0FDatJ2VfRSzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAAhCauWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BxQEmAjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwNzhAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDc4%2Fbn%3D96784%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGMGGqZPtrpX6UiIMMzcuNTguNTguMjQ4MMfg_JgG
Frame ID: B2B3C28D92397A9B8E71A4E8B2F16E12
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561
Frame ID: 5F876D3D0BE135407DABF540FC46C8FF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01F33458D8DC5615801AA9355A076488
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F48AEDDFC85857EE679D8EAE14B25DBA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

http://www.tucsonnewsnow.com/ HTTP 301
https://www.kold.com/ Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

274
Requests

94 %
HTTPS

49 %
IPv6

55
Domains

84
Subdomains

72
IPs

9
Countries

4977 kB
Transfer

11846 kB
Size

42
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://grow.withgray.tv/kold/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.graytvlocal.com/market/tucson-az
Title: Business Directory

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/contests/
Title: AZ Weekend Contests

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/?_ga=2.155669310.48765111.1615402160-1550363320.1615402160
Title: AZ Weekend

Search URL Search Domain Scan URL

URL: https://www.tep.com/solar-dashboard/
Title: TEP Solar Dashboard

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/?_ga=2.264183183.281644180.1615824734-1603375000.1615824734
Title: AZ Weekend

Search URL Search Domain Scan URL

URL: https://www.fox.com/
Title: Fox 11

Search URL Search Domain Scan URL

URL: https://www.mynetworktv.com/
Title: My18

Search URL Search Domain Scan URL

URL: https://www.cbs.com/
Title: CBS

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/GRA1017GRYT/JobBoard/ae441110-89bd-444d-8ad2-b76c7b9db7a9/?q=&o=postedDateDesc&w=&wc=&we=&wpst=&f4=vzauRM0vSl6VVVh-Ke14nw
Title: KOLD Jobs

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.vuit.com/publishers/297/kold/vod
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KOLDNews

Search URL Search Domain Scan URL

URL: https://www.twitter.com/KOLDNews

Search URL Search Domain Scan URL

URL: https://fragebogen.geers.de/hoergeraete-testen-sta/?utm_source=taboola&utm_medium=display&utm_campaign=STSASUMMER_DE_GEE_ACQ_DIS_TAB_DES_STSA01_IMG_JUL2W&utm_content=3465392296&utm_term=graytv-koldnews13&utm_title=Gunzenhausen%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1972+geboren&tb_click_id=GiA3WZR9D6nB2d1qE1ETTSMG-WNoj4Qa8nSxXIewwkTEriCDkFIohOn5jq_wh6i3AQ&_ad_placement=graytv-koldnews13&tblci=GiA3WZR9D6nB2d1qE1ETTSMG-WNoj4Qa8nSxXIewwkTEriCDkFIohOn5jq_wh6i3AQ#tblciGiA3WZR9D6nB2d1qE1ETTSMG-WNoj4Qa8nSxXIewwkTEriCDkFIohOn5jq_wh6i3AQ
Title: GEERS

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-koldnews13&utm_medium=referral&utm_content=thumbnails-native:Homepage%20Native%20Backfill:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/KOLD-TV
Title: KOLD Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/0b7fd011-1bff-71f7-4891-3dce78b156ef/36afff89-4d8b-4a1d-aa26-c96af6a0c118.pdf
Title: KOLD EEO Report

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/kmsb
Title: KMSB Public Inspection File

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/kttu
Title: KTTU Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/c1c182b8-10c3-c5e4-8c4f-b15b4997c6d1/7f91ea11-49a0-48fa-a44a-837ea604da03.pdf
Title: KMSB / KTTU EEO Report

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kold-fcc_applications.pdf
Title: KOLD FCC Applications

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kmsb-fcc_applications.pdf
Title: KMSB FCC Applications

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tucsonnewsnow.com/ HTTP 301
https://www.kold.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=HdOR5Xx6b1ZLbjRaeG4vTEVkUFhwdU96ZG5PN29hRlhEb0pnYkxpSXFaL2dma24rTnhiQnpOTFZNZjVuS2xWYzRJM0dxNzVzcFFQa01sSFlQSklHQU5nNXNIaGxWc1VyMzVFZ2VTYjRjWXZFZzFmRUJNWkdLTXFQMkxLbkVEcysrTVR0VThUNXhKMlhxYTlBZHhXUG5oQkIyWHVtN25JUU9abTBJL1o1RlNoSmtWbVJjN3h5YTBFNFlNRzlFMGN6U1VCRWRlbERSdHprY1pndmx5UnJuU2tqR09uNjhoaEhCNkNoSHVIRVc5WG40SytnPXw&cppv=2

Request Chain 129

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 131

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 132

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 160

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB&dcc=t

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8wR3bZ.frVxN0hBYJKXAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2

Request Chain 162

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 164

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=OlWTBT9WllQhB8RXaVaPVThTkFIhAJQFbQAAcHPD

Request Chain 165

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 168

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8wR3bZ.frVxN0hBYJKXAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDno0kWQgFjBX6YZd1vGPG0&google_cver=1&gdpr=1&google_hm=2

Request Chain 169

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wRyfa23je6MHIDnBMbwAABFIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wRyfa23je6MHIDnBMbwAABFIAAAAB&dcc=t

Request Chain 173

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=hKgPql0b1OxJeT5&gdpr=1

Request Chain 179

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR3bZ-frVxN0hBYJKXAAABHcAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR3bZ-frVxN0hBYJKXAAABHcAAAAB&dcc=t

Request Chain 181

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8wR3bZ.frVxN0hBYJKXAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2

Request Chain 182

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162747591201799416&uid=Q7162747591201799416&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 184

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 185

https://ums.acuityplatform.com/tum?umid=8 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692397895948

274 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kold.com/
Redirect Chain

http://www.tucsonnewsnow.com/
https://www.kold.com/

608 KB
84 KB

1036ms
984ms

Document
text/html

2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3878350bc095d255b559f83126544ee4a377a9a408590236900aee18618a296b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 13:12:37 GMT
etag: W/"96eea-hW+gcDJMsaV+kZfizVxca7xuOkw"
expires: Mon, 12 Sep 2022 13:13:37 GMT
last-modified: Mon, 12 Sep 2022 13:12:37 GMT
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=93 origin; dur=878
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 83674 0 pmb=mRUM,2
x-edgeconnect-cache-status: 1
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 878

Redirect headers

Akamai-True-TTL: -1
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 12 Sep 2022 13:12:36 GMT
Expires: Mon, 12 Sep 2022 13:12:36 GMT
Location: https://www.kold.com/
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 react.js Show response
www.kold.com/pf/dist/engine/ 709 KB
160 KB 16ms
12ms Script
application/javascript 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/dist/engine/react.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

0123b68651830a2433646d068171fef24441fdf9e3cbb5947d038711970098bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:37 GMT
content-encoding: gzip
x-amz-request-id: VG1WBGQQQ5TX4PA4
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 162766
x-amz-id-2: TMB5KzapUlss4AcZDLGhGvzYBXS4XY9HdSxFElYPjfu/UKKc+N82+2ctRq6EbsDqUwVv0tAaOF8=
last-modified: Thu, 08 Sep 2022 15:41:53 GMT
server: openresty
etag: W/"2fe8d02bb046a5a920c55439f0020f4a"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:37 GMT

GET
H2 200 default.js Show response
www.kold.com/pf/dist/components/combinations/ 1 MB
274 KB 34ms
30ms Script
application/javascript 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/dist/components/combinations/default.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

0bc2c7b7a806dc41008767b294d7f15ed50a9f479a5d62ab4f6a897133ba7c62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:37 GMT
content-encoding: gzip
x-amz-request-id: VG1VJKY19ZD2A8ZT
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 279002
x-amz-id-2: VhWgSV+didmJ3yWcWqSRwGKdaGj7zu52FD/HXNs5+ILdV/Y9vrZn1p2nPpmw3HWQAz9JpTV96Tg=
last-modified: Thu, 08 Sep 2022 15:41:53 GMT
server: openresty
etag: W/"27f083950eebaa463a30a5da4a2e6661"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:37 GMT

GET
H2 200 main.css
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 83 KB
14 KB 106ms
41ms Stylesheet
text/css 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:37 GMT
content-encoding: gzip
x-amz-request-id: 37XC3QFEM4S9N98W
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=122
content-length: 14217
x-amz-id-2: 1SSjdzc7lvUnXy85zpwTbcMerVurWpwRAnFYnXM53oBVyT/QbZ2hwKRp7hVUkU1g2NkThTd/bO0=
last-modified: Thu, 08 Sep 2022 15:41:51 GMT
server: openresty
etag: W/"6dd05f673b04d6bedc7a004ad60ae072"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:37 GMT

GET
H2 200 main.css
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/ 100 KB
16 KB 352ms
288ms Stylesheet
text/css 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3c0eebb084c60d188b19d7e2935a28c04176877b741abddbde9b5b2c061a4f1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 13:12:37 GMT
content-encoding: gzip
x-amz-request-id: AZBPW8FR67BN6ZPY
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=177
content-length: 16195
x-amz-id-2: Qu+8ow/NTZ5m2WzRvpQXK/eUvlssK4xGX6bIUFMI7pV95tTEX80pVO5Ksu9CA2KSKyBP17VEOok=
last-modified: Thu, 08 Sep 2022 15:41:51 GMT
server: openresty
etag: W/"da7bffb12701a91eb68a15d4a386a4b5"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:37 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 44ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 332284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWMIvoeU4reoVsXLVU5GoI25xZfESEauczEGp51D22ATLRlelgVJh1HKnbYPMXCu0nofxb%2BM5%2FNcsenR4D31a002d62lRPEkTuFuMZjbShwj4O3CsBaA3TNU0TR9PJYis6IVRsYoN8OxVG4g1FD64AW3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7498e55339689128-FRA
expires: Sat, 02 Sep 2023 13:12:37 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 54ms
28ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CObject.fromEntries%2CArray.prototype.entries
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

Referer: https://www.kold.com/
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:37 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 11:53:12 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/105.0.0
server-timing: cache-fra19138, PASS, fastly;desc="Edge time";dur=21
accept-ranges: bytes
content-length: 94

GET
H2 200 gtm.js Show response
gray-kold-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
806 B 455ms
392ms Script
application/javascript 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-amz-request-id: 37X3RY92XSPV90TY
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=MISS, edge; dur=276, origin; dur=91
content-length: 305
x-amz-id-2: KELVbPzv8gBDErqGNm6zhNNcjhOisjbuKyfBKjvel/PEKr/guHs8OcbYz92NSAQ3Va0mqx+mLdI=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:38 GMT

GET
H2 200 framework.js Show response
www.burst.com/webapps/embed/ 36 KB
10 KB 38ms
9ms Script
application/javascript 52.222.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.burst.com/webapps/embed/framework.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59a04622f5e99182b3c574ab7dcd71ec7584783ed2cbf05d437e72080a261105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: qC52pvFBiP2wRcTqgSz51JTNd0IA1cWB
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 13:35:38 GMT
server: AmazonS3
age: 5784
etag: W/"71f64b7fce14de5520a87e4b12e0b01e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cache-control: max-age=10800
date: Mon, 12 Sep 2022 11:36:21 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: uwY9nkDSJABkraVs1M0st3GLqA-3MED7THbYnEoyUjLjA4_8JA3IGA==

GET
H2 200 comscore.js Show response
www.kold.com/pf/resources/js/analytics/ 168 KB
49 KB 22ms
21ms Script
application/javascript 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/resources/js/analytics/comscore.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:37 GMT
content-encoding: gzip
x-amz-request-id: VG1WCB0VTSBJDY1R
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 49862
x-amz-id-2: 0Y8KfzqMbRCtcVqAwhbaxLVSKy4fPolI7WsPt8ew1NvmkWBQsITOANw8TNXuxdp+fQae+J9Wnig=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"702fb2c84c6e8b364a6130cb860c7987"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:37 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 52ms
9ms Script
application/x-javascript 2600:9000:223c:7000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 12:30:00 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 2558
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 3nN-Pq14oJL6JQr83aa3XWvLfSnTPHHBi4FxnGecaCvzFUB8WP0NYw==
expires: Mon, 12 Sep 2022 14:30:00 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 52ms
10ms Script
application/x-javascript 2600:9000:223c:7000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:04:58 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 460
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: VUNI6c7eXUBJ_om62OFynUTTCROJgefPVTYhTx7Q5-MJI-NOKdWaqA==
expires: Mon, 12 Sep 2022 15:04:58 GMT

GET
H2 200 queryly.v4.min.js Show response
www.queryly.com/js/ 26 KB
7 KB 54ms
27ms Script
application/x-javascript 2606:4700:20::ac43:497c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.min.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75914
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
last-modified: Thu, 11 Aug 2022 16:00:33 GMT
server: cloudflare
etag: W/"80a6a27c9badd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTcuKIj4LLr2mM6EOmKsSlFVcQr%2BJ73KXGKEKK3U%2FyrS5mgDVJrebmH88RLsBD8SJkjZLmvcC7TokOjUwUDP8bwRnmnWgZuisD75qLzIK%2BK0XyNcwN6qk7qz4o%2BavbbAglLm2W%2Bu%2Bsr9VjJWnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7498e5564a3f9a2a-FRA
access-control-allow-headers: *

GET
H2 200 WVE5K6A27ZATDFT5ZPJWGRXZ2M.jpeg
gray-kold-prod.cdn.arcpublishing.com/resizer/9S3StfwtIEB7nsTitCkJwNx8hJg=/800x600/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 37 KB
37 KB 83ms
80ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/9S3StfwtIEB7nsTitCkJwNx8hJg=/800x600/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/WVE5K6A27ZATDFT5ZPJWGRXZ2M.jpeg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e39afaa4a65cdc7a9ace563eb2bb346ef4a9877dffb539a6dd1753d5f594584b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
x-check-cacheable: YES
x-serial: 1511
etag: "72de4547f208a7a59b870c28580a42a6701c3b24"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535471
last-modified: Mon, 12 Sep 2022 13:04:36 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=102
content-length: 37709
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 13:03:49 GMT

GET
H2 200 EEXYIHRZ7VE7RJDSZ3KWFRMY4M.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/LJLkd6CtXBkTjerDg2ZtAsww2bU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 28 KB
29 KB 130ms
127ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/LJLkd6CtXBkTjerDg2ZtAsww2bU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/EEXYIHRZ7VE7RJDSZ3KWFRMY4M.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

353c5f8fdb83bea0dbf3c470decf933e60a72fd61d05091bcb2be7d5052ad1d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Fri, 09 Sep 2022 13:47:16 GMT
server: Akamai Image Manager
etag: "9b6716ba51a3fa28e0e415096ce4d69fa23d36a5"
strict-transport-security: max-age=86400
content-type: image/jpeg
x-edgeconnect-cache-status: 1
cache-control: private, no-transform, max-age=31278980
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=106
content-length: 29137
expires: Sat, 09 Sep 2023 13:48:58 GMT

GET
H2 200 7SATMFAP5JCUZI76HMX6PHRJHI.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/v7RmrzplXEfK2gVnrxqltyh0XrI=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 34 KB
35 KB 274ms
272ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/v7RmrzplXEfK2gVnrxqltyh0XrI=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/7SATMFAP5JCUZI76HMX6PHRJHI.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9a25cd45168fd56ffcfab5d6c921dc2b95e3a72a7e6e3daa1d1c8674f2e0d347

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Mon, 12 Sep 2022 12:50:14 GMT
server: Akamai Image Manager
etag: "9f32a166e6908a3dbd4dfbb0cb99ba0bc0cd6701"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31534669
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=222
content-length: 35032
expires: Tue, 12 Sep 2023 12:50:27 GMT

GET
H2 200 ELA7SW7VSVCDXMQJMSHM6GOMQU.JPG
gray-kold-prod.cdn.arcpublishing.com/resizer/YX7CgefuNo6VOIZCU-JlfZPfN5s=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 104 KB
105 KB 93ms
90ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/YX7CgefuNo6VOIZCU-JlfZPfN5s=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ELA7SW7VSVCDXMQJMSHM6GOMQU.JPG

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fb1650c8ffaae50b1049c7624359c3c116ec9361837a536aae4d98034974dabd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
x-check-cacheable: YES
x-serial: 1292
etag: "a435d58647451aaa83321ad62951e9d6ba0e7f1c"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31529848
last-modified: Mon, 12 Sep 2022 11:29:11 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=254
content-length: 106432
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 11:30:06 GMT

GET
H2 200 7Day.jpg
webpubcontent.raycommedia.com/kold/Intellicast/ 780 KB
782 KB 227ms
180ms Image
image/jpeg 23.36.162.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpubcontent.raycommedia.com/kold/Intellicast/7Day.jpg?time=1615579260000
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-26.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 059ab69039d3f4ba876a646e45a77b6394cf0e7ae0a1d37cbb3ea2ada9830ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Mon, 12 Sep 2022 11:00:09 GMT
server: AmazonS3
x-amz-meta-user-agent-id: kold@s-69172a5d8df84f908
x-amz-cf-pop: FRA53-C1
etag: "c6bf2cea96be4c862e4e0625857fd22b"
x-amz-meta-user-agent: AWSTransfer
content-type: image/jpeg
cache-control: max-age=240
server-timing: edge; dur=2, origin; dur=165, cdn-cache; desc=REVALIDATE
content-length: 798776
x-amz-cf-id: AcbIO__AWruwMjtli_DKDTGE9e2q4JpUU59av25faJ2HOEJmt9FWEg==
expires: Mon, 12 Sep 2022 13:16:38 GMT

GET
H2 200 t_4879d2383c17451aacec934a22840008_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/P73jw2TUwsBMPg51zTboFKVQ20w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/ 77 KB
77 KB 190ms
188ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/P73jw2TUwsBMPg51zTboFKVQ20w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/t_4879d2383c17451aacec934a22840008_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8b708a36f9e96f299cdce90a1db49298d24d13869e3fd22a3069ad75493b40ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
x-check-cacheable: YES
x-serial: 1448
etag: "4a33211f4b0144a0291def8c8385c21a4629fd50"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31508176
last-modified: Mon, 12 Sep 2022 05:29:11 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=310
content-length: 78455
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 05:28:54 GMT

GET
H2 200 t_75a1a932bebd452199d8e8b2d7509fc1_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/TFtTbaFXch-oh52y_gL5b5oM4E4=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/ 96 KB
97 KB 102ms
100ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/TFtTbaFXch-oh52y_gL5b5oM4E4=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/t_75a1a932bebd452199d8e8b2d7509fc1_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

68fb0bd2ca7e319ed2dbb4150b02fd2b83e17a79fe7df918a6c4f854ac7849c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Mon, 12 Sep 2022 05:24:32 GMT
server: Akamai Image Manager
etag: "0dba58772bae461e57204b8652b8e411681ca627"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31507919
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=42
content-length: 98693
expires: Tue, 12 Sep 2023 05:24:37 GMT

GET
H2 200 t_c72a8a986721450d89a4b1fadc4169e2_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/dFSrlhQG90kETsQZuFgTPHvuM_w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-10-2022/ 72 KB
73 KB 143ms
141ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/dFSrlhQG90kETsQZuFgTPHvuM_w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-10-2022/t_c72a8a986721450d89a4b1fadc4169e2_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cae5d11c6e8d98a6c941ae3d65fa87efba11f9f61d517f01766729a549177bcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Sat, 10 Sep 2022 01:28:37 GMT
server: Akamai Image Manager
etag: "a2fddffe415aa5cc83a1d14b9c4debc2b12b3254"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31320928
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=74
content-length: 74034
expires: Sun, 10 Sep 2023 01:28:06 GMT

GET
H2 200 t_f913c326f10543e7adc8a2adbe42428e_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/b4KdbIGThoBKI1oWiBcVYEf9Vgg=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-09-2022/ 50 KB
50 KB 161ms
159ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/b4KdbIGThoBKI1oWiBcVYEf9Vgg=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-09-2022/t_f913c326f10543e7adc8a2adbe42428e_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d08dd909585b451a026b3d16789e8a1927f218ab366c90e9e88f023a4c3034ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
x-check-cacheable: YES
x-serial: 1802
etag: "28fc93541e1dbb2d64ea387dd200f8f30fd02852"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31280117
last-modified: Fri, 09 Sep 2022 14:07:54 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=240
content-length: 50734
server: Akamai Image Manager
expires: Sat, 09 Sep 2023 14:07:55 GMT

GET
H2 200 iframeheight.js Show response
www.metv.com/js/ 1 KB
732 B 310ms
93ms Script
application/javascript 52.7.195.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metv.com/js/iframeheight.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.195.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-195-165.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash: e6533978ddf6d9eadec6481e1f56d8b62d731f809de8ad47ad02b98120811055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 19:46:41 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag: "478-5e80774876a40-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, proxy-revalidate
accept-ranges: bytes
content-length: 467

GET
H2 200 v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy Show response
reconditerespect.com/ 92 KB
27 KB 179ms
125ms Script
text/javascript 2600:1901:0:3b3e::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:3b3e::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3444e6e1fd6657e018f6b0582e1fd9baf7ea77a57cb2a4b3417e4ca18ba0256a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "f4d7a12a2349e3f64a2d4498ecdd622ea83a42ee1ae25e7e0b19900c4d16b17b"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 12 Sep 2022 13:12:38 GMT
x-buildnumber: 632800667
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2kodJCg0COzr7zPOUkFrKjRkFjZCKvy5nr2EFu7AW1l0PBiDoexvAdzwnV3Xa8MXvvOnCHilrg Show response
reconditerespect.com/ 15 KB
6 KB 171ms
117ms Script
text/javascript 2600:1901:0:3b3e::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2kodJCg0COzr7zPOUkFrKjRkFjZCKvy5nr2EFu7AW1l0PBiDoexvAdzwnV3Xa8MXvvOnCHilrg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:3b3e::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d47ea497ed40ad6af2e33fa01b0ffcaf3a9eb67170b821194ae8380ba61152c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "344639d123c9b3004bd103fc8c43c90579f881a13b00f500c82f7e218eef0586"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 12 Sep 2022 13:12:38 GMT
x-buildnumber: 632800667
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161733/6819/ 424 KB
128 KB 49ms
17ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b54e80a2760bde6237fd579eab294deec23c2b29f14c4d224a59d8bd76596d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 19:59:16 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=98249
accept-ranges: bytes
content-type: application/javascript
content-length: 130020
expires: Tue, 13 Sep 2022 16:30:07 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 55ms
25ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1382
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 19:06:55 GMT
server: cloudflare
etag: W/"1bbec-182eaffe498"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7498e5564a7490c4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 13:12:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
43 KB 91ms
31ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

791360d716edd0409f5b265c5cdc56ea0bc90d20bde697cbaf2e75d100f019d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43740
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 13:12:38 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/meredith-network/ 580 KB
47 KB 32ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da34a8cf4a72f0722632afcec89812e5bf2ecfe7bba0b2c220ca23b463478d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: gIIBzAGrBWl4MHOkgyiyIBApd0wG34UM
content-encoding: gzip
age: 4731
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 14
content-length: 48002
x-amz-id-2: 5vJaFQ7UuYomTG4PwbUm1qIQBoonpvrILqEv1fdKtKHHlM68qBtN+moSBRzAiHHiEYOQbAsQFeM=
x-served-by: cache-fra19165-FRA
last-modified: Mon, 12 Sep 2022 11:53:46 UTC
server: nginx
x-timer: S1662988358.179740,VS0,VE2
etag: "1ffc7827d07be307908b12bd4b055d1b27f957d1"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: SBEMQFKQM2YAV8FH
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Mon, 12 Sep 2022 13:12:38 GMT
abp: 12
x-cache-hits: 1

GET
H2 200 RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 36ms
9ms Script
application/javascript 2a02:26f0:3500:586::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:586::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
last-modified: Sat, 13 Aug 2022 16:33:58 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 kold.jpg
www.kold.com/pf/resources/images/mastheads/backgrounds/ 45 KB
46 KB 24ms
24ms Image
image/jpeg 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/mastheads/backgrounds/kold.jpg?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

339437c6a5c2522973d4eeb5be0ccc1c8c911129ac100f84bf10e26c2efd2486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: W/"70f834011095540e8d85ff255e947fe9"
x-serial: 1535
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31199978
last-modified: Thu, 08 Sep 2022 15:52:32 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 46158
expires: Fri, 08 Sep 2023 15:52:16 GMT

GET
H2 200 kold.svg
www.kold.com/pf/resources/images/mastheads/logos/ 12 KB
4 KB 23ms
23ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/mastheads/logos/kold.svg?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b39c6e444a38b840877af6f782c78b9514daf617276b9473f2be596f8c577b1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-amz-request-id: AZBZX3SNP4ZHXBZG
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 3908
x-amz-id-2: F3n5g8uA2vt68/91t3jrvnQHG4C5L0qIRkVtXqgIvX1y0tEhUka7dKIiKbqHcsal5jzZf+Lth8Y=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"4a91d2a13bd624e7a386b3103266ffc4"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:38 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 25ms
15ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2837536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3yi7jNzsvxOFA9IjBaXAuJRHx1GwjjAAQgC45QHpDnOHPyrcyUUuRAQ5DR4GvKow5qLNRLdIacIVsg0E0Q%2FRJ1MjMp2IAMMlDP1z%2FD4IdxlR5Tf0McF8gKj3GluYKOlbDjCUbPkXkbJIoscf7MOSApH"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7498e556387b9ba6-FRA
expires: Sat, 02 Sep 2023 13:12:38 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 19ms
19ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 380456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-33a8"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSH07SD2V1ivHDaUejZvKbQKZNLsXxgfTqCynKyIyHAqhFBr7TDth3UeNp1aZiXlTw4tUokbhXeP4zLneScO30j8M3LGDDMCIa%2FDY9Vk34SKdf6fhD5Ww9HdeRw%2BMCRUA8ne%2FBvjrQaRXdjDR5aP5Xl8"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7498e55638859ba6-FRA
expires: Sat, 02 Sep 2023 13:12:38 GMT

GET
H2 200 framework.css
www.burst.com/webapps/embed/ 11 KB
3 KB 12ms
12ms Stylesheet
text/css 52.222.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.burst.com/webapps/embed/framework.css
Requested by: Host: www.burst.com
URL: https://www.burst.com/webapps/embed/framework.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Qqt_gEK_RpLzus8u20YU9JYh8awwY0sB
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 13:35:38 GMT
server: AmazonS3
age: 1836
etag: W/"72f8f831414cf37903a38162b0291620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cache-control: max-age=10800
date: Mon, 12 Sep 2022 12:43:56 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: amx0OusWYZJ2tQ2tM_MHSgcf43uci4qM9X3xrjYJK0ri9QAEmOcgDg==

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 968ms
742ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e55"
vary: Accept-Encoding
x-hw: 1662988358.dop223.fr8.t,1662988358.cds007.fr8.hn,1662988358.cds107.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 147 B
474 B 144ms
109ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=kold.com&domain=kold.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 514e7290606e221930c562ddacfefc9d20edc99a7d8be0fa2ff1e63c181c89e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 121
x-served-by: cache-fra19148-FRA
access-control-allow-origin: *
x-timer: S1662988358.232268,VS0,VE99
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 10 Sep 2022 13:12:38 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 57ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Sep 2022 13:12:37 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 328363
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=HdOR5Xx6b1ZLbjRaeG4vTEVkUFhwdU96ZG5PN29hRlhEb0pnYkxpSXFaL2dma24rTnhiQnpOTFZNZjVuS2xWYzRJM0dxNzVzcFFQa01sSFlQSklHQU5nNXNIaGxWc1VyMzVFZ2VTYjRjWXZFZzFmRUJNWkdLTXFQMkxLbk...

353 B
639 B

45ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=HdOR5Xx6b1ZLbjRaeG4vTEVkUFhwdU96ZG5PN29hRlhEb0pnYkxpSXFaL2dma24rTnhiQnpOTFZNZjVuS2xWYzRJM0dxNzVzcFFQa01sSFlQSklHQU5nNXNIaGxWc1VyMzVFZ2VTYjRjWXZFZzFmRUJNWkdLTXFQMkxLbkVEcysrTVR0VThUNXhKMlhxYTlBZHhXUG5oQkIyWHVtN25JUU9abTBJL1o1RlNoSmtWbVJjN3h5YTBFNFlNRzlFMGN6U1VCRWRlbERSdHprY1pndmx5UnJuU2tqR09uNjhoaEhCNkNoSHVIRVc5WG40SytnPXw&cppv=2

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cb3747b110e25355e36a9f00bb35550868c4da1f9591eb1d3c882c659b1240ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1626794
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:37 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=HdOR5Xx6b1ZLbjRaeG4vTEVkUFhwdU96ZG5PN29hRlhEb0pnYkxpSXFaL2dma24rTnhiQnpOTFZNZjVuS2xWYzRJM0dxNzVzcFFQa01sSFlQSklHQU5nNXNIaGxWc1VyMzVFZ2VTYjRjWXZFZzFmRUJNWkdLTXFQMkxLbkVEcysrTVR0VThUNXhKMlhxYTlBZHhXUG5oQkIyWHVtN25JUU9abTBJL1o1RlNoSmtWbVJjN3h5YTBFNFlNRzlFMGN6U1VCRWRlbERSdHprY1pndmx5UnJuU2tqR09uNjhoaEhCNkNoSHVIRVc5WG40SytnPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 475466
content-length: 0
expires: 0

GET
H2 200 impl.20220906-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 682 KB
141 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220906-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: dd204c80f3fc250dda88118ac68d7be7e80637d98126d7e0ecf75e95bd1dfb6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: UD5cypFiz.6GJxgscOARtoxeNCA7EXqM
content-encoding: br
etag: "aa9a0d5c6e39be16b98dadd7c5dd7f94"
age: 6888
x-cache: HIT
content-length: 144499
x-amz-id-2: 6FrqAu5zSrJ1bQ5q+JZ0bNQMtkOxkD/fXg9otxKLVxADJZONjwpNqRVi7BhDZqagdx0i5YKj9vs=
x-served-by: cache-fra19165-FRA
last-modified: Tue, 06 Sep 2022 11:05:05 GMT
server: AmazonS3-br
x-timer: S1662988358.260835,VS0,VE0
date: Mon, 12 Sep 2022 13:12:38 GMT
vary: Accept-Encoding
x-amz-request-id: 4E8H5WK59HQN8Z1V
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 51
x-cache-hits: 4

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 33ms
8ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:29:45 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 31374
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: K7gfu0wBnSTeGsptaHFMnoeHUXIsItE4LSOtDPg5NETlQpP-ORt5WQ==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 18ms
17ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=vignette-disclosure_ctrl
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1662988358.261694,VS0,VE0
x-served-by: cache-fra19165-FRA
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
48 KB 63ms
34ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f171731dbecb4b7a61e855714eb96670305c38e1324b5b1b522887559a08ccfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49405
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 13:12:38 GMT

GET
H2 200 affiliatedwidget
www.metv.com/ Frame B619 0
0 101ms
100ms Document
text/html 52.7.195.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metv.com/affiliatedwidget?market=71

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.195.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-195-165.compute-1.amazonaws.com

Software

Apache/2.4.54 () OpenSSL/1.0.2k-fips /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1938
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 13:12:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=172800
vary: Accept-Encoding

GET
H2 200 grayLogoHorizontal.svg
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 49ms
49ms Image
image/svg+xml 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=286

Requested by

Host: gray-kold-prod.cdn.arcpublishing.com
URL: https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=286

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-amz-request-id: AZBJJGAA6ZBQFQMW
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=61
content-length: 5010
x-amz-id-2: ri4qkQE2sOZW1oiiS/J9voF4kJ0BgyA/k1ui4vxPMGrzsWojdqUlet5bY0jn9TbMBkPDEgx7lr8=
last-modified: Thu, 08 Sep 2022 15:41:51 GMT
server: openresty
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:38 GMT

GET
H2 200 json Show response
trc.taboola.com/graytv-koldnews13/trc/3/ 18 KB
6 KB 302ms
296ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/trc/3/json?tim=13%3A12%3A38.352&lti=vignette-disclosure_ctrl&data=%7B%22id%22%3A465%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662892885565%2C%22vi%22%3A1662988358350%2C%22cv%22%3A%2220220906-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A8538%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5512%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22orig_uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22cd%22%3A1712.578125%2C%22mw%22%3A389.5%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5158.90625%2C%22mw%22%3A1270%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CHomepage%20Native%20Backfill%3Dthumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22vignette-disclosure_ctrl%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 101aec24c62f2459e99a3f952d5effb7c5b4097c0c9c7be9297badff4bea393f

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 287
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
server: nginx
x-timer: S1662988358.365216,VS0,VE287
x-served-by: cache-fra19165-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 72ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0239156cced369fa88bffe603a2704df3ad45a4892cf1d1d38410c25105a0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28717
x-xss-protection: 0
server: sffe
etag: "1331 / 431 of 1000 / last-modified: 1662980886"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 12 Sep 2022 13:12:38 GMT

GET
H2 200 affiliatedwidget Show response
www.metv.com/ Frame C820 6 KB
2 KB 94ms
94ms Document
text/html 52.7.195.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metv.com/affiliatedwidget?market=71

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/engine/react.js?d=286

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.195.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-195-165.compute-1.amazonaws.com

Software

Apache/2.4.54 () OpenSSL/1.0.2k-fips /

Resource Hash

9b75103503b2ac30ec63629a89a3a1ee2c0869885264571e65dda0b8027ef518

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1938
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 13:12:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=172800
vary: Accept-Encoding

GET
H2 200 wx-current-conditions-v3 Show response
www.kold.com/pf/api/v3/content/fetch/ 314 B
509 B 142ms
142ms XHR
application/json 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=kold&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=286

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

94fdb407d85f90c0bf28ef21bd4d53bd093ef952b79964f62bbe1d6e3b951a57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 120
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 13:10:16 GMT
server: openresty
etag: W/"13a-kHw18hvD8hr2ewhTbzRMomkWW7k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=84
server-timing: cdn-cache; desc=HIT, edge; dur=128
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 183
expires: Mon, 12 Sep 2022 13:14:02 GMT

GET
H/1.1 200
OK KOLD_poll.json Show response
s3.amazonaws.com/grayfilestore-kold/gpollData/ 22 B
561 B 321ms
119ms XHR
binary/octet-stream 52.217.33.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/grayfilestore-kold/gpollData/KOLD_poll.json?rnd=2JT3gppjQwaK&arc-site=kold
Requested by: Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=286
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.33.182 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2d3989504c349c740bf360831b0cb07127fe9683f8c5405e6dc90423c77228aa

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Last-Modified: Mon, 21 Jun 2021 20:30:02 GMT
Server: AmazonS3
x-amz-request-id: 5D5ED8TME4FTTNGX
ETag: "3b3cd2921e72de25e5dca50ff96c6a78"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Accept-Ranges: bytes
Content-Length: 22
x-amz-id-2: Ndn2Se+/nX51r0vGG1uUbwjrRLrTJXANIH5sX7lSMUyhl6+G0RxzsGu8jGe+9j1vLEyXjHPd7F0=

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 25ms
23ms Image
image/png 2606:4700:20::ac43:497c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507938
x-powered-by: ASP.NET
content-length: 816
last-modified: Thu, 11 Jun 2020 23:20:57 GMT
server: cloudflare
etag: "d7046f64640d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0ekA3Jw35H1C9wa89WiTdEPn6qVbNDj%2FCJ7NX%2FJKvPio478iKg0ElPR46KQ5MMKRbWLZ6gkVnovN4S9SemgN%2F7aC4iPBtP4ro3GYVN5KCpaqm44XGYrXW1if%2FvoQhelPeT1Rpq3c6%2FDplCyaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7498e5594ef79a2a-FRA
access-control-allow-headers: *

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 82ms
19ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Sep 2022 13:12:38 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 560238
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
466 B 55ms
7ms Script
application/javascript 2600:9000:223f:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
age: 18054875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Vkl2HE_Ux6A6iz1v4EiuuBsruW3ZS2v2NZxKUBdGCHRMYQO2DZqNFA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 294ms
95ms Image
image/gif 44.195.113.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kold.com&p=%2F&u=DBZuFU7z30HDF80zo&d=kold.com&g=39189&g0=%2Fhomepage&g1=No%20Author&g4=section&n=1&f=00001&c=0&x=0&m=0&y=5512&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2337&t=DyuBsJCWAouSBq_qSvBrjxpkDn32HC&V=136&i=Home&tz=0&sn=1&sv=DOK-X-C_fn0EB7PIJgDIK6zDDY8Cxq&sd=1&im=067b2fff&_
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.113.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-113-55.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:38 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 17ms
17ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662988358693&ns_c=UTF-8&c7=https%3A%2F%2Fwww.kold.com%2F&c8=Home&c9=
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: GBtEfdxPx3KPFpKjuFoPShzleiDDE8rtpoj6lXWUTEGvcrUOfZ2kBA==
x-cache: Miss from cloudfront

GET
H2 200 userx.20220906-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220906-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13e4a7155e236f5fdec886cc91cb29b1dcd431407edb588229097858d46e0aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: EpoWXBlnGY79L6UEQCP23_nLjSLNB0sT
content-encoding: gzip
etag: "1dfd743d2c6090a5c0e1cd871dd1150f"
age: 87
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: WfyO79JjMhLeUG+u51V7Sd+tBe6aiyIEehULkvuSWp1U/jlmUvzEQuAX8GtP8y7POWi9/LXJJOw=
x-served-by: cache-fra19165-FRA
last-modified: Tue, 06 Sep 2022 12:26:25 GMT
server: AmazonS3
x-timer: S1662988359.712731,VS0,VE1
date: Mon, 12 Sep 2022 13:12:38 GMT
vary: Accept-Encoding
x-amz-request-id: Q0JHJQYGMKHYXH88
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 51
x-cache-hits: 1

GET
H2 200 XG2CD752B5BXDEN2UEHVTU7MFY.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/4i-k0w-t_5BvDGmxDPeB7a8bMcg=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 24 KB
24 KB 120ms
119ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/4i-k0w-t_5BvDGmxDPeB7a8bMcg=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/XG2CD752B5BXDEN2UEHVTU7MFY.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cde90dddfcc5ac63a77f89801cc5acf872367a7afcc13653b2e2512943929212

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Mon, 12 Sep 2022 04:00:19 GMT
server: Akamai Image Manager
etag: "95a900c0e83201e0f88450ba69bc8a1c9a904ead"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31502857
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=105
content-length: 24452
expires: Tue, 12 Sep 2023 04:00:15 GMT

GET
H2 200 VIXKD34FQBBGND5PO2CHKXKLWI.JPG
gray-kold-prod.cdn.arcpublishing.com/resizer/62uC9OvJsuLbgRtn_YSfp7l880A=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 40 KB
41 KB 79ms
79ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/62uC9OvJsuLbgRtn_YSfp7l880A=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/VIXKD34FQBBGND5PO2CHKXKLWI.JPG

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6d8ccff43906b2881351992cf7f710487e65c875f97d43b2b597e8da4987350f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
x-check-cacheable: YES
x-serial: 745
etag: "4848f43f8190e81c69b5cce456baae1088c3e01b"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31517132
last-modified: Mon, 12 Sep 2022 07:57:41 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=23, origin; dur=35
content-length: 41106
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 07:58:10 GMT

GET
H2 200 YEZVTDCZT5FQNJO6WJURQITTX4.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/GNJ6NfvpseqXWyETaASZ3TBparU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 42 KB
42 KB 81ms
80ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/GNJ6NfvpseqXWyETaASZ3TBparU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/YEZVTDCZT5FQNJO6WJURQITTX4.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5680a747dd348b317409133b28002a66541c5c2df480a13129921ecf91ce8eaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Mon, 12 Sep 2022 02:16:40 GMT
server: Akamai Image Manager
etag: "bebd5ec55291af9c2bf0542c6c094d5afd7225a3"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31496623
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=52
content-length: 43018
expires: Tue, 12 Sep 2023 02:16:21 GMT

GET
H2 200 CCDQP63ASNDB7CCTCSXXQVRJCA.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/k_lRIGZeIflTkGigSJXrehXPAfk=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 39 KB
39 KB 83ms
83ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/k_lRIGZeIflTkGigSJXrehXPAfk=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/CCDQP63ASNDB7CCTCSXXQVRJCA.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b8ec1cc9eefba4a54562f24cd80121e505c0c7f36c4e86ed48236c5b86c9c1cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Mon, 12 Sep 2022 12:43:28 GMT
server: Akamai Image Manager
etag: "fc1a1e89853eab02f241524c25388c77d3acd780"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31534260
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=45
content-length: 39645
expires: Tue, 12 Sep 2023 12:43:38 GMT

GET
H2 200 42VQNXC6TRGDBPZNJIKTXHMYMU.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/IyVp2ayYIaVenm-i_A4lnzFd8YA=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 44 KB
44 KB 127ms
126ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/IyVp2ayYIaVenm-i_A4lnzFd8YA=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/42VQNXC6TRGDBPZNJIKTXHMYMU.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

84cb41abe564f4c2e7041555bcda98b601cd042674be75457b43f1e3f7b7c6ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Wed, 10 Aug 2022 22:23:53 GMT
server: Akamai Image Manager
etag: "bb8f6cff838f6a8bc7c628b94c9353c146145cc6"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31254765
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=85
content-length: 44554
expires: Sat, 09 Sep 2023 07:05:23 GMT

GET
H2 200 THUNS2TF5VAW5CMNWQD4MORWOI.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/nqZIi_68QMz_O3oRUQd20_VwL5U=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 56 KB
57 KB 80ms
79ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/nqZIi_68QMz_O3oRUQd20_VwL5U=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/THUNS2TF5VAW5CMNWQD4MORWOI.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2c280f4460dd82e94094fbaf0069ed0217d5d2778d57d3eefaf0d0e6e83f4905

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
last-modified: Mon, 12 Sep 2022 03:53:29 GMT
server: Akamai Image Manager
etag: "6cad84252809247f244c6da042aabdceafcad662"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31502460
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=34
content-length: 57788
expires: Tue, 12 Sep 2023 03:53:38 GMT

GET
H2 200 style.css
staticcdn.metv.com/css/ Frame C820 313 KB
56 KB 77ms
18ms Stylesheet
text/css 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://staticcdn.metv.com/css/style.css?v=1.2
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-601.bunnyinfra.net
Software: BunnyCDN-DE-601 /
Resource Hash: 6129f529e83bcadb6684660b2ebd6d61ae7e6aaa8269d353bc55f90f96f912b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
cdn-edgestorageid: 722
access-control-allow-origin: *
cdn-cachedat: 07/20/2022 13:32:23
cdn-pullzone: 131641
server: BunnyCDN-DE-601
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 15 Jul 2022 20:31:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"4e59e-5e3dde877dbc0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, proxy-revalidate, max-age=31536000
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cdn-requestid: 7291259a010ab38ddf06a1b602391db4
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ Frame C820 48 KB
11 KB 54ms
27ms Stylesheet
text/css 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://www.metv.com/
Origin: https://www.metv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19892509
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JVN8RS3G4SSKWEHP
x-amz-id-2: ClK0AIp0xRQ7c9ZrOTMOWzxCVv2lvJn8mPAUdVEGQaAVWaIRCO6jpYz0cdrdgLra9XETIZLzWt8=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFC9W%2BIQJ6XMRsUoRYIqLX5ZRMuyynSB49xtrRiIPB%2Fl4vWqTSIEG2WA4R8UULU8fZppoiLQLo1lQuExaC80JMMfW6Bgi5zvtsRwXKR1t3vQKvpIy3SSEq9OnoKxvUdihDHA6jUQLAqQA0Et4Ykh6PZl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 7498e55a6dffbb8c-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame C820 94 KB
33 KB 57ms
14ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 12:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 12:55:44 GMT

GET
H2 200 metv_logo.png
staticcdn.metv.com/images/ Frame C820 6 KB
7 KB 26ms
25ms Image
image/png 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticcdn.metv.com/images/metv_logo.png
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-601.bunnyinfra.net
Software: BunnyCDN-DE-601 /
Resource Hash: 7bbc3068f2bde3ba4f55bc8a2e25fde7f1b474dacfd1aa3f94da90ddb97430f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
cdn-edgestorageid: 755
cdn-cachedat: 07/20/2022 13:32:23
cdn-pullzone: 131641
cdn-requestpullsuccess: True
content-length: 6506
server: BunnyCDN-DE-601
last-modified: Fri, 15 Jul 2022 20:31:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: public, proxy-revalidate, max-age=31536000
cdn-requestid: 2af31412bc7a8b5c944bde02786caf39
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 20 Jul 2023 13:32:23 GMT

GET
H2 200 8kQoV-1554743736-71-markets-kold_web.png
cdnmetv.metv.com/ Frame C820 63 KB
64 KB 84ms
22ms Image
image/png 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/8kQoV-1554743736-71-markets-kold_web.png
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: 1cb9e32ad9fce79b2e64465148a49f922925714bd4d7cdce657ae59b4e3eaa69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
cdn-edgestorageid: 632
x-amz-request-id: 7Q2GS8B286N5KDFN
cdn-cachedat: 07/20/2022 14:03:55
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 64944
x-amz-id-2: xKZotaCetv0Ai7JytubWrUczh/3kQmnjICOuagOfSfJUVxE83LF10yYd1Zherx4PoBdULKz8fQs=
server: BunnyCDN-DE-864
last-modified: Thu, 19 Sep 2019 22:49:52 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31556926
cdn-requestid: 85f30388864f976650adf48a147804ce
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Mon, 08 Apr 2024 17:15:36 GMT

GET
H2 200 DEkWH-1662568910-4142-blog-mash_50th_header.jpg
cdnmetv.metv.com/ Frame C820 11 KB
12 KB 92ms
39ms Image
image/jpeg 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/DEkWH-1662568910-4142-blog-mash_50th_header.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: 0c1ae6c99f2f4dd96a622ba3dd3e03241b9969384f4b161a259f24e2c4375f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
cdn-edgestorageid: 722
x-amz-request-id: 7E1EMAECJZ4AE58W
cdn-cachedat: 09/07/2022 16:55:49
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 11307
x-amz-id-2: meBDbODbyOimEAhMw14hAFkr5lHM4K5oRdVsGE/USy4GEIpjRBDc4uPieUt7i6IQu+UVuUWhJ5M=
server: BunnyCDN-DE-864
last-modified: Wed, 07 Sep 2022 16:41:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: b3ac3b5e89a9222b0d0187f2d71cbfce
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Tue, 07 Sep 2027 16:41:50 GMT

GET
H2 200 4Fvwk-1662647969-3105-quiz-header_-_star_trek_true_or_false_quiz.jpg
cdnmetv.metv.com/ Frame C820 17 KB
18 KB 66ms
40ms Image
image/jpeg 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/4Fvwk-1662647969-3105-quiz-header_-_star_trek_true_or_false_quiz.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: 66fab282a68497eef53dc56860657890e81b9241329eed9949fdf10c7f6f2cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
cdn-edgestorageid: 632
x-amz-request-id: XSE0QB1ZMK4ETGP9
cdn-cachedat: 09/08/2022 15:23:50
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 17491
x-amz-id-2: dgGtbgxNmE9Fb4n7LN9MPKK/Tk4sBmY9cpCo1t8snzcCZUTBjMunj12ypzddJIecmPKnnczCWRU=
server: BunnyCDN-DE-864
last-modified: Thu, 08 Sep 2022 14:39:30 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: 8571ab05137e2cead05f89d9b71cdaf9
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Wed, 08 Sep 2027 14:39:29 GMT

GET
H2 200 toAsL-1662666839-3106-quiz-header_-_a-team_outfit_quiz.jpg
cdnmetv.metv.com/ Frame C820 14 KB
15 KB 66ms
40ms Image
image/jpeg 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/toAsL-1662666839-3106-quiz-header_-_a-team_outfit_quiz.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: cdd4b204ea90fde8ddc1180f81080b3170f039b8575f0a1d7b53966c9aa5c1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
cdn-edgestorageid: 864
x-amz-request-id: 67KZENAHT59JVG5P
cdn-cachedat: 09/08/2022 20:34:15
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 14592
x-amz-id-2: kQ+CbM1JkNAuyyW3+8gT5waMatWpMDVqX9jae0iduPOfFGr5hl8mES0TcL4BSpKElLR3o0UqDHI=
server: BunnyCDN-DE-864
last-modified: Thu, 08 Sep 2022 19:54:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: 2b27e9049abd81791b9cf9fc136df373
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Wed, 08 Sep 2027 19:53:59 GMT

GET
H2 200 30.svg
www.kold.com/pf/resources/images/weather/weather-condition-icons/svgs/ 16 KB
5 KB 18ms
18ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/weather/weather-condition-icons/svgs/30.svg?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

51deaa90088d013d49b55a0642d2fa337a936b9526cea4d37ab5d8d00715cbfc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-amz-request-id: 2ER832GB2016BXHT
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=4
content-length: 4542
x-amz-id-2: bgblPonRuYxVPpIXJfVoNSNakhNZefXKANBSUjlWEG1NzwiuDfpw4nPC4WZHSh/Zz1UQ+9duXS4=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"aeb3a6e4aff00660da0a1b8daee232e4"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 13:12:38 GMT

GET
H2 200 87f57c351b3626ee96b86b923499a7ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 15ms
14ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e638165637f01eb5868748cb0ddf22d984529ff9438ef9a4a95e0a2e66d2150e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 12 Sep 2022 13:12:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 4607074
edge-cache-tag: 529855673185721302426545584578276134058,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
cache-tag: 529855673185721302426545584578276134058,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 72
x-cache: HIT, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
content-length: 6244
x-request-id: f783cf416b0b6de6325dd5953101c36b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 20 Jul 2022 12:40:13 GMT
server: nginx
x-timer: S1662988359.769904,VS0,VE1
etag: "bef5a361f117c4fdd64410c72db048ad"
x-served-by: cache-iad-kjyo7100171-IAD, cache-iad-kcgs7200031-IAD, cache-lga21948-LGA, cache-iad-kiad7000145-IAD, cache-fra19165-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 638
date: Mon, 12 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 15:02:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
53 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1dff4a3052a6122f122d5bc847b216ede422889e551f1e1d933f227fd1c15f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53941
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 13:12:38 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RN7RQJ27EZ&l=RCdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eae4c9c0fe2d17e96b8e88ef29eff61009d1950c52cead38c26cd828945c50a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74791
x-xss-protection: 0
expires: Mon, 12 Sep 2022 13:12:38 GMT

GET
H3 200 pubads_impl_2022090701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 68ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133090
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:36:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Sep 2023 08:46:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 149 B
132 B 88ms
49ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2552e1825bf522ebd1c3df634701a5e9ee49ad261924272bdb10a29d6efcab22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Mon, 12 Sep 2022 13:12:38 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 62ms
24ms XHR
application/json 2a02:26f0:3500:981::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV&d=www.kold.com&t=5543295&v=1.720.0&sl=0&si=014027f3-44e6-469b-baf7-b9903e9a63e9-ri3m10&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677262
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 27ac1a71c957bc05469f89ceda81baeca2e4a18965143649949e1e2503d0aa65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 13:12:38 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 137ms
79ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 13:12:38 GMT

GET 476dfeb0-1072-0138-f111-06a9ed4ca31b
tag.simpli.fi/sifitag/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RN7RQJ27EZ&gtm=2oe970&_p=1722949696&cid=1092319172.1662988359&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&uid=&sid=1662988358&sct=1&seg=0&dl=https%3A%2F%2Fwww.kold.com%2F&dt=Home&en=page_view&_fv=1&_nsi=1&_ss=1&ep.date_published=&ep.published_day=&ep.published_month=&ep.published_year=&ep.content_type=section&ep.primary_section_name=&ep.content_owner=kold&ep.content_provider=kold&ep.content_id=%2Fhomepage&ep.ad_target=%2Fhomepage&ep.platform_name=PageBuilder%20Fusion%20-%20Arc%20Publishing&ep.author=&ep.user_timezone_timestamp=Mon%20Sep%2012%202022%2013%3A12%3A38%20GMT%2B0000%20(GMT)&ep.timezone_offset=%2B00%3A00&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&ep.content_name=Home&ep.content_keywords=&ep.distributor_name=&ep.distributor_category=&ep.distributor_subcategory=&ep.distributor_reference_id=&ep.distributor_model=&ep.output_type=default
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RN7RQJ27EZ&l=RCdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C820 49 KB
20 KB 63ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 638
date: Mon, 12 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 15:02:00 GMT

POST
H2 200 v2vmtC8ecW32h_kaARHpbUGm43bznOpO0-T5KwbuXvt0Mb1RMCHGGMM_W1tSF-KwPnwCXaCqVhQ Show response
operationchicken.com/ 191 B
696 B 94ms
34ms Fetch
application/json 2600:1901:0:ccb0::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/v2vmtC8ecW32h_kaARHpbUGm43bznOpO0-T5KwbuXvt0Mb1RMCHGGMM_W1tSF-KwPnwCXaCqVhQ

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:ccb0::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

5e6484ac287eb91583ab3cbc451e9c0f94e01fab04584c7d78527afc48a07a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
date: Mon, 12 Sep 2022 13:12:38 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 12 Sep 2022 13:12:37 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 58ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1722949696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kold.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAC~&jid=421403133&gjid=841969882&cid=1092319172.1662988359&tid=UA-22223248-16&_gid=1285671193.1662988359&_r=1&gtm=2wg970MV7SQ7H&cg1=%2Fhomepage&cg2=section&cg3=kold&cg4=%2Fhomepage&cd5=section&cd6=0&cd8=kold&cd9=kold&cd10=%2Fhomepage&cd11=%2Fhomepage&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=&cd14=KOLD%20News%2013%20is%20your%20local%20source%20for%20breaking%20news%20and%20your%20First%20Alert%20to%20severe%20weather%20in%20Tucson%2C%20Marana%2C%20Casas%20Adobes%2C%20Oro%20Valley%20and%20Sierra%20Vista.&cd16=Mon%20Sep%2012%202022%2013%3A12%3A38%20GMT%2B0000%20(GMT)&cd17=%2B00%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&cd19=Home&cd40=default&z=1013991764

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 54ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ Frame C820 66 KB
67 KB 43ms
15ms Font
font/woff2 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://www.metv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:38 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16922710
cf-ray: 7498e55b8f489b67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
x-amz-id-2: q6Yz1J/AnvFXsmUtovubJCWYMvzvIUzIbq/Eor/i7B9SpBQfifhe0stcB0C3KG9xE9UA2PoU0Nk=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8AA8k0u5Qd3hxBx4D7uJqUHB2zytjnOGffjSvtpFFNkE31%2BhA3u45IbsCEKIhke%2F%2F59MIkWEuXbrNLQgsNDM%2F%2F7j4PJ%2FbcdPeu6%2FAwMM%2Fu9YfVjPTubMf68%2BIdpJdkx0LAV%2F8Q%2BSe6Dt99394rqvykS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: Y68TE70QCVBPNVT1
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 121ms
74ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 13:12:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 205ms
167ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7866f2b0f417c5a98d4ed52128a7fa6fee53459369de1d01425fbfce6085ea30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 74aceedc-261e-45ba-b913-eeb2c5571d46
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
312 B 130ms
105ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225958cc3a7aafba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2265e0204a5d42eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227fb9bfc602abd6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22875bf91a04c772%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfce06b1e3b8fc00766b53e499f497a39359d084f92ad0b9039aa6a93b5e13cf

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG%2FK3%2Ffv6wWGfdtB4fg3vqI%2BJUwXVR2zkKCYzBLW2dsrJhyGddiSKjEX0IIfFBu3GE%2FPFAmZsxl7YH5Q7IN2JEhxm8Wy2u6FYr8OjfK345f0z9upRwNSbPsbKjnyHwCNzBixWHRd"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7498e55beaee5c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
313 B 99ms
77ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2298c283df153c4c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22106660d83cd9733%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211581ba5f2bae84%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2debbc1274658a3631e1f38f57ef69756898cfea81bcd85490222639a44b91a8

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCYaJHAH%2B27PzweMrvIx7tx64ANk6HWSxug0yF9l5SvPpSIlA2QN8E67NisQCUDmivGQmtECHxrrPdRZNPA424b%2BzxvZY7Wdh5bnCGifSubQzEmj%2B6egSRzdipe8W%2FCoXk83bU7l"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7498e55beaf15c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 111ms
72ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 13:12:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 16 KB
8 KB 103ms
72ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8ea8d160a6b41fde86bbfe2d59eea827cb4ad906e7f79ef0b21424e9198af20b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3c940630-bc67-460b-91ef-23e0b3c149eb
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
310 B 70ms
52ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22164efc67927768b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2217f5e862de700ec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%221024x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A1024%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62224bc4b476b2c7068e831792b147d64aa118da787e148e9717fc8dad5d121

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETWbHKXHnmw%2Fo8Wqnp%2FLGtLaTbybiiIHcR4vBe33BvH2Sq2qZD41D%2FV7GM5fyescLKASAYSjzsWYopMBnpohaoI2AbrmLFp4hfghASKZs8XAvRLF8rGwI2lzfaSyMG%2B73aLqtPbI"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7498e55beaf35c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 91ms
61ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

11d9b866023d83f49920f69b0bb910dcef0921445d644bceb56decd487be7000

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 350cbe33-c105-439c-9f85-ecfa47619245
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 71ms
43ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

913bfa963cbf7fc6e19616fc9984ff6677f396db3fea718ce992e160500ff352

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 139d15f0-7059-4863-9517-920602be3c6c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
565 B 49ms
37ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22228258ad7210031%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22237702dfb415761%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%221900x1200%22%7D%2C%22banner%22%3A%7B%22w%22%3A1900%2C%22h%22%3A1200%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f97fe226248734aff54d561f1d6ac471aef2c1348cc421f1fb3bea21b9b45a

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMfYVeleVUimyZx0jCJa2FBBn5KSdO574MIKrJAwafvVr9lG9vnWt0y44teg6%2BmhWwFDS%2BLWe1Ezszksw7ZOHhubee423jb%2FJ3SItpGV%2B58NNAd%2FxDgLxKU1QFbfSluF7UaC56RR"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7498e55beaf55c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 71ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22223248-16&cid=1092319172.1662988359&jid=421403133&gjid=841969882&_gid=1285671193.1662988359&_u=YCDACEAABAAAAC~&z=1430564348

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 13:12:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v2dsw3zGrog4rjtySL8RFVGMARzlwVAbhY9OWeLtY4S6v0X2eMU7UL5mmiXood1HWO2gDys8sww Show response
operationchicken.com/ 3 B
27 B 163ms
129ms Fetch
application/json 2600:1901:0:ccb0::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/v2dsw3zGrog4rjtySL8RFVGMARzlwVAbhY9OWeLtY4S6v0X2eMU7UL5mmiXood1HWO2gDys8sww

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:ccb0::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
date: Mon, 12 Sep 2022 13:12:39 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/680197802/ 2 KB
2 KB 101ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/680197802/?random=1662988359039&cv=9&fst=1662988359039&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45dac65109fd91f5a840bb8f1590dad189483730c70b7322ac81599b04ca335f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 994
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 81ms
81ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0bd2f6f201dd23b6e4c2debb62301fdf02faca8a5b114c861b574a5f1207686c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 09bd9c05-5117-4122-8b54-5e632bb6f66d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
537 B 103ms
91ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22263523cacad96e4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22274c8b1e284bd1f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%2Fweather-widget%2Fradar%2Fseven-day-forecast%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02693e200cffca75ad921196bb3b4c7f42b366d0f6fd821f8008395df2037378

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAHGmqv3rtyQsZHDq3ltD%2FUgAc9Bu6PSYVnifrHVeJ64pEPC8strbqHfPcBqeL7pvgaTxPl9kNv%2B21L9OoFKf%2FtF8M6EYDbtgbMY6utWPa%2FO9FlloopUweLtOFpDZIdOk4qf2fZT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7498e55c5e089bac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 128ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 80ms
80ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=671339152331792&correlator=4459230513842806&eid=31068457%2C31069183%2C31069444&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1900x1200&ifi=1&adks=713564622&sfv=1-0-38&fsapi=false&prev_scp=position%3D1%26pt%3Dsection%26cid%3D%252Fhomepage&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662988359094&lmt=1662988357&dlt=1662988357605&idt=1359&adxs=-150&adys=186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=1600x109&msz=1900x109&fws=4&ohw=1600&ga_vid=1092319172.1662988359&ga_sid=1662988359&ga_hid=1722949696&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df16a417e36dda6d4c975cd990c6a95f45e84e9913a9253105cb632fad23085e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10258
x-xss-protection: 0
google-lineitem-id: 6029484182
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138396226819
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 565A 6 KB
4 KB 119ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 13:12:39 GMT
expires: Tue, 12 Sep 2023 13:12:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
6 KB 85ms
84ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

44676ef217047696a3bc0a97f58adfefefc6c2be8ba06c3634cb4e251f5d51db

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dd64ec40-9321-41c1-b60c-2bce2e007c22
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 56ms
56ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 13:12:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
509 B 82ms
81ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22327d7d582d6cc73%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2233b0be984bd934%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2234b855a6eb2c008%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223554b3aab8b1208%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11d76af0384d0476ac0313b6e8a297056302f531fb2232745f6920c011194f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BY%2BWAIXfLrldLCn436AEnwT1aDWAq9alRKI1QaqzYd64Mi%2FdGuf5SK0wqsSxk3b8%2FcvLvSBEv0BkZU69njvBc5gh6O%2BAwTOTQEyJJM20TQofZmAOQBSB%2BGpwac5%2FpT8aZ6vvb%2BS"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7498e55c7e6c9bac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
507 B 93ms
93ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2236f6f92f8df9edd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2237eb51acaae907%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%2Fstory-feature%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4a6887ed310b7fb8a19f82874db30a5c171cd61ec27f90b4d2acc9f89b44098

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZvKn2IQgH36WIGvwmzXuUxqspJZmKZbtUkNNk19t%2FgBr5jOKKBcpxwyL%2FzrOW1%2B%2F519pFEqVOWrDhY78WFOdGW5wpbFjhE77DSjUNPIWLg4IycM4%2F9byBRk6UVgLXtjqfLlKOz9"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7498e55c7e7a9bac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
6 KB 64ms
64ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

159c7219a100ebf1a6fd0115c64ddac36c8a318ee8e39ac4922690a7ba59aef4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 54790e31-4fee-46f2-8a10-b0cde571d66e
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 38ms
38ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 13:12:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 93 KB
14 KB 320ms
320ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1506fca8d943d86b7e00215d84febef963ab3f985a404bb3cac19fd730bbb300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13874
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7921 3 KB
2 KB 78ms
9ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 399F 52 KB
17 KB 73ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 30867
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 290340
X-Served-By: cache-lga21958-LGA, cache-fra19177-FRA
X-Timer: S1662988359.207738,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B734 52 KB
17 KB 73ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 30867
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 299978
X-Served-By: cache-lga21958-LGA, cache-fra19145-FRA
X-Timer: S1662988359.208484,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5C91 52 KB
17 KB 72ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 30867
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 288958
X-Served-By: cache-lga21958-LGA, cache-fra19169-FRA
X-Timer: S1662988359.209247,VS0,VE0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7832 3 KB
2 KB 65ms
8ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3786 3 KB
2 KB 63ms
7ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 257ms
234ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=671339152331792&correlator=4459230513842806&eid=31068457%2C31069183%2C31069444&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=3&adks=1460125478&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662988359158&lmt=1662988357&dlt=1662988357605&idt=1359&adxs=1135&adys=628&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=300x317&msz=300x285&fws=512&ohw=0&ga_vid=1092319172.1662988359&ga_sid=1662988359&ga_hid=1722949696&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3308f2cd5a4fefd61bef6f22619732e08ab23d94445bf1d0c0fbe6b93b7cba19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11743
x-xss-protection: 0
google-lineitem-id: 6029484362
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395751480
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame CF68 15 KB
6 KB 28ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=123258
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 13:12:39 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 23:26:57 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2B8D 15 KB
6 KB 30ms
9ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=123258
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 13:12:39 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 23:26:57 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 /
www.google.com/pagead/1p-user-list/680197802/ 42 B
548 B 81ms
27ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/680197802/?random=1662988359039&cv=9&fst=1662987600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&async=1&fmt=3&is_vtc=1&random=404191882&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/680197802/ 42 B
548 B 86ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/680197802/?random=1662988359039&cv=9&fst=1662987600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&async=1&fmt=3&is_vtc=1&random=404191882&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8D4 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 13:12:39 GMT
expires: Tue, 12 Sep 2023 13:12:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 217ms
214ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=671339152331792&correlator=4459230513842806&eid=31068457%2C31069183%2C31069444&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=4&adks=17053661&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1&eri=1&sc=1&cookie=ID%3Da5dbdfcabc0b7d97-22d7cf571ece004e%3AT%3D1662988359%3AS%3DALNI_MZs1MxXptA6E6lQh4oewNCtfcEydg&abxe=1&dt=1662988359211&lmt=1662988357&dlt=1662988357605&idt=1359&adxs=315&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=1600x125&msz=1600x109&fws=0&ohw=0&psts=AEC3cPJ18tK2WlQDK3iB38qi8LAxIlcmPwN9bsW6GnAlN992iJInzF9nElUJbwPjQ-1qgmAQ7qIIvUSd2vHFmjtvxMjRjp-IHk8&ga_vid=1092319172.1662988359&ga_sid=1662988359&ga_hid=1722949696&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba534550e7ceb834f039c701a05dded737adcf4f94d739eccf91cb7f1320b817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
google-lineitem-id: 6029484218
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138329851183
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 207ms
207ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=671339152331792&correlator=4459230513842806&eid=31068457%2C31069183%2C31069444&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage%2Cweather-widget%2Cradar%2Cseven-day-forecast&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=300x50&ifi=5&adks=1640516046&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1&eri=1&sc=1&cookie=ID%3Da5dbdfcabc0b7d97-22d7cf571ece004e%3AT%3D1662988359%3AS%3DALNI_MZs1MxXptA6E6lQh4oewNCtfcEydg&abxe=1&dt=1662988359217&lmt=1662988357&dlt=1662988357605&idt=1359&adxs=1135&adys=519&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=282x50&msz=300x50&fws=4&ohw=300&psts=AEC3cPJ18tK2WlQDK3iB38qi8LAxIlcmPwN9bsW6GnAlN992iJInzF9nElUJbwPjQ-1qgmAQ7qIIvUSd2vHFmjtvxMjRjp-IHk8&ga_vid=1092319172.1662988359&ga_sid=1662988359&ga_hid=1722949696&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd80769987004bef5ee6abdff85e6dc290fa7184bb774d4412887d42b29f6489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11937
x-xss-protection: 0
google-lineitem-id: 5943130519
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383818527
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 443ms
443ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=671339152331792&correlator=4459230513842806&eid=31068457%2C31069183%2C31069444&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=6&adks=309182183&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D2%26pwtsid%3D409b749428a4495%26pwtbst%3D1%26pwtecp%3D0.26%26pwtpid%3Dappnexus%26pwtpubid%3D161733%26pwtprofid%3D6819%26pwtverid%3D9%26pwtsz%3D728x90%26pwtplt%3Ddisplay&eri=1&sc=1&cookie=ID%3Da5dbdfcabc0b7d97-22d7cf571ece004e%3AT%3D1662988359%3AS%3DALNI_MZs1MxXptA6E6lQh4oewNCtfcEydg&abxe=1&dt=1662988359228&lmt=1662988357&dlt=1662988357605&idt=1359&adxs=165&adys=1826&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=1270x157&msz=1270x125&fws=0&ohw=0&psts=AEC3cPJ18tK2WlQDK3iB38qi8LAxIlcmPwN9bsW6GnAlN992iJInzF9nElUJbwPjQ-1qgmAQ7qIIvUSd2vHFmjtvxMjRjp-IHk8&ga_vid=1092319172.1662988359&ga_sid=1662988359&ga_hid=1722949696&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a92172228ddbf8eb8604041a3d9c5aebe7ff2d119e2b03f528ac7233a27d9616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9238
x-xss-protection: 0
google-lineitem-id: 5973556773
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138387201305
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 359 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1 KB 152ms
137ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/359?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016c4ac91b8281be40f97f8b924e6c5b2341ae8fe23427815e05ed91a9021b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"778-dsUnrGAbRZSzeCSESpeJm/1ljaU"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 7498e55e8a209b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 359
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 187ms
162ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/359?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7498e55d6c1a5bed-FRA
date: Mon, 12 Sep 2022 13:12:39 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 590ms
589ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=671339152331792&correlator=4459230513842806&eid=31068457%2C31069183%2C31069444&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage%2Cstory-feature&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=7&adks=1059339992&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D3%26pwtsid%3D39424ab458b307f%26pwtbst%3D1%26pwtecp%3D0.26%26pwtpid%3Dappnexus%26pwtpubid%3D161733%26pwtprofid%3D6819%26pwtverid%3D9%26pwtsz%3D728x90%26pwtplt%3Ddisplay&eri=1&sc=1&cookie=ID%3Da5dbdfcabc0b7d97-22d7cf571ece004e%3AT%3D1662988359%3AS%3DALNI_MZs1MxXptA6E6lQh4oewNCtfcEydg&abxe=1&dt=1662988359295&lmt=1662988357&dlt=1662988357605&idt=1359&adxs=165&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=954x141&msz=954x109&fws=0&ohw=0&psts=AEC3cPJ18tK2WlQDK3iB38qi8LAxIlcmPwN9bsW6GnAlN992iJInzF9nElUJbwPjQ-1qgmAQ7qIIvUSd2vHFmjtvxMjRjp-IHk8&ga_vid=1092319172.1662988359&ga_sid=1662988359&ga_hid=1722949696&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba65174b577133238354425f1603df8047b007d5ccf3bf7c88521797470d30b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9266
x-xss-protection: 0
google-lineitem-id: 5973556773
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138387201311
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame B5CC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

65ms
39ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0238a5e03d24382af780b4822763126445d02d941e491fb3fa15dadfd7326e35

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7498e55ec9015b98-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 13:12:39 GMT
dropped-udsids: 39|45|241|230|176|64|47|51
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erMDewkpjoQ47jvUvCFMDzqN6G14AJC3MD6IZhC%2FUPuWnoimopiaba9Vslg8d6EFDt8OQVlQnxY9JzOYPESNG3yDToEG01rx40NAtWqgRO27ssefeMjLuuQNemxQREoeItJ4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7498e55e7a02913d-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 13:12:39 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EzfYWOyyF6XlzB74mk0JqJEVRRHw3mRHOYFyWc9CdYRNJIXbIAxmVyhIIpP71X%2FdtBXZ%2BZHyOu2UweWlW%2B0Ao3BoWjI5fW6NAVJ6GMI0FAzCo7iJdJl7IYl2buFD4ZvdH96vvnprmz34w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CF68 0
42 B 217ms
129ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95501529&p=161733&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-length: 0

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 6648
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

60ms
39ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f0943b8b3600038e85e763a9be71b05f12a1c0a686a8a1cccf03a246c3b60b

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7498e55ec9035b98-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 13:12:39 GMT
dropped-udsids: 230|241|39|45|31|88|196|10
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsJk3vLm4EV9w3qEpiNMNjHltan%2F%2FgGRWlwVLr46u0lwmsdW3BAJLNg%2BbVhRD86bjAxNXAbJFBhoaTDd40YRYVFSmK9KJRZy4hzDKJcG6DpRqwkPSHMeWyDdVUZ%2FnMn52Ec0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7498e55e7a08913d-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 13:12:39 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Li7pwT6kPwJFt%2FHM2SFl29aOfQn5hrE7D8kbMZpvlKhPX13PwhpRWzd0VQ%2F2JpAVdvbLHEC5qZqrN%2BCq01M3d5BqCe7U30fFF5ZszCWr1hiadD%2FWMwGoQGcGDVlTTAGXmUxDJmERMmiEYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 48FA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

54ms
33ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfbeafc468e94c41fd4b2221847ddc2a2470259766e45dd60f1a277a901e4ce1

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7498e55ec9025b98-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 13:12:39 GMT
dropped-udsids: 230|39|241|45|13|206|81|196
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVrCSC7xfgUROSDwBCdloeDiXq3yJJWnOaPVD0RQg3m%2Bh2dyXknHFI8vGsMje1WGFQFktWKsu9dPfY3%2BWrDdvQUM6Lbou4DjG%2BtUKXftvi0WRC2TfX5GJGTtDCxnGWMBZ0Vc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7498e55e7a09913d-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 13:12:39 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfAb25ig66nkXQOZoDiCuOBPVJOaK6fIZlmnG3ln%2F6ZpDCdZi8OS1%2B5ELvKc9IhoXvuHgodmBCOGrbPvlRCJ%2BmgTul4CVCaxYd%2BQ7%2Bu23XUjnbNDpKRTO9L6Sac2r6%2FITSXDASpvoveXHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 399F 0
741 B 13ms
13ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 091cda34-342f-4ef4-a72e-045111c790d1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5C91 0
741 B 18ms
17ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 690d3a09-096e-4512-821c-8205cdb2e11a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B734 0
741 B 16ms
16ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2554cde3-018a-4e7e-ab89-ed624fa5e183
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E8D4 22 KB
7 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com
URL: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Sep 2023 11:07:09 GMT

GET
H2 200 7274918930037886235
tpc.googlesyndication.com/simgad/ Frame E8D4 258 KB
259 KB 54ms
17ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7274918930037886235?

Requested by

Host: ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com
URL: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e7976f7795a81f10dce7829437edd10c61d19aa4be66438e63b56cc3ba80a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 05:40:06 GMT
x-content-type-options: nosniff
age: 27153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264404
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 16:09:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 05:40:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8D4 141 KB
44 KB 81ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com
URL: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4857 0
0 56ms
52ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcEJtj_tDkAbtdw9dmYbD4o-XBvvl9rKpC2xNH9l3F4feACnvDxYqSzwph0ZPC4ocF3R8ljxmFQ_ucw5YWPfYrlMpWtYgOMsNROFf48HA74t0K1UPKZBPBzGpI8xAGQpeCiZohCPTG49nlzWuLuCBeCKzC_Z0DsCUk9S--v-28hhfqThIh-ODisWuDuVSikht36NtXYoYaqlJobtcc0NWRI7PdJxLvkMHlK9dQAPUl7IhktimjL_mNsI379ANx5A8oKBYdyWScleM_MFGvJy84hjvJKR5KTXCHaWFSKrtEQ1PuyZz4OZCS3GulC5lqsneo6g&sai=AMfl-YQ6U4BL67B-tUm207mKXb8pkxmXNb7Igj4G3OGWmWFh9XYxbP2uceHWKjFYNGV1CpwGvxwA5Fslh1Byqq650coLK-tP1t5VWtRBGllJZkRC9_FSynQ1RjFsmfTKoA&sig=Cg0ArKJSzBYSg_-kmOFPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4857 3 KB
2 KB 57ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 13:08:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4857 141 KB
44 KB 61ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4857 0
0 56ms
25ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThe_EdnQet2EdFwD7MtfC1qmf42WcO07F7LNcCuYE0R-2z5A4D6XMj__lHjCKRXHMy7kV-38qRgi7BxKki5MbjQMWdyQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 16653647834809933888
tpc.googlesyndication.com/simgad/ Frame 4857 132 KB
132 KB 55ms
51ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16653647834809933888

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295395be0491744949c2b9cd1fd45424ed72796ce7cd8220ffab768d5ed9bd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:40:54 GMT
x-content-type-options: nosniff
age: 441105
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135136
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 21:34:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 10:40:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6812 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkG_AXomwj3K4cUazgq8cohMSnhCJ8Pt91Ipa5MGsQcP_MA9Euek5DPGNG_JEnc-TRdsbIKdqbI4d62Q7mawBuUzOTjBBFfrq3ikaXrTNEinmhqCLqJlvka9SuM6dJBErHp1ilbFJeH872RATs846WOm5sEAp49U1HsfYdntWpRrfZTEzhjSmftMBMxXBbBVPE_tydHQAcdn4JF6UkFPVS3qNq5nP2BLIGljHtLhNDB6Lur67wbJRyMcjjzoUKfyB0oGgVWv1uLDUR0KFUsrknjtR-W4ChwxHc2t3ihQmqNeHzpnBtTCpkAMeNT_lEBTBD1w&sai=AMfl-YTkJXP_3zYDpl-nZxkCpKFjAcVgdBvsFoMdgVuTuHQObOuwNMe6w8BWw5NtGuCxuJTiZW466FrZ7UYmpf_9KzpgJeiyKElNEzfb9oj-lBuCRHAyJK3FfH2ZR39veWc&sig=Cg0ArKJSzA2xpbleIQNTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 iframe_buster_200_260.js Show response
s0.2mdn.net/879366/ Frame 6812 76 KB
28 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/iframe_buster_200_260.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 01:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27697
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 01:02:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6812 141 KB
44 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3874 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRQOG1Y6JF5hCcRVld2lDQLWJFBfHNdxwxPL9jA0fulXCCqX2OyJWrGvo1SN-upIx8U_yn3s6nYnUgU_OSVMX7hAcCMuBTry_HDCAJtIz5IYdm8hI3yuQaN6c6qioH-OmtB3s6PUyolw87JIRdkGXdPvtZafkQilwESgwJ0OkpkZvsdAjP6IwsDPUZRig78a_YlpQbGPAvJ0AuCmspg-H_KXSbbetaaLJJExc-Zlf8wAgnsk5KbS2p6oSB1c4uiAAE3aMLkWwLJQU7Wd7I2xJu5l0rXzKBKNgOocyiJL6AL86vjC70TH8cSz3rTk_itn6uFTgJRk01aSSqzCEtMoNaxAhV547Toz9KlVBiOVOwGQf2WiPOpdnII1Q&sai=AMfl-YTpaS3QEH86qiEZwiNiJFrcjzOcBc_CLmWhuqTNx7v7FwvVhnqeBt7FoWQfKRxC7TGaJXGsl6fa5vpzunrh3utv8twh-ajem4jePv8zulkAG_TsephEQraGKC-i6dc&sig=Cg0ArKJSzAGX3rR4if_hEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 3874 3 KB
1 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 13:08:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3874 141 KB
44 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3874 0
0 30ms
23ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQUGy2YSx2avfhj2H-KrE_ABwjKNJroDqL_JF-WmnxBCEdAhao29n4xzU3jSuuLiKJ-XMxUH2oDm_DK7GDxmIVJZOTMA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 9360749518699349282
tpc.googlesyndication.com/simgad/ Frame 3874 6 KB
6 KB 48ms
15ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9360749518699349282

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02be4814af7695fbd75e69d7cf079fa60f013ffdeda2f0da49fdcca573fb99a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 11:13:15 GMT
x-content-type-options: nosniff
age: 93564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5719
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 12:46:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Sep 2023 11:13:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8D4 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurOOjcNSiFBpn5SDZ0SlD0dbSXbdbYYsKiFS-8grV6QufiTIBE6VnSlgmBhM8E2Nq3R1EWFPLTAMCKWw88sBHZPe1lJaKw6DfouUm44OdJ-YVE1atUii-Qedzzy27VNNHmeuEbelXsboPcYbAcQR1AUCQSZh6rIGo_nJAF6GXoPleZ5El5wyJRH5FdJLlMNDSTPfQgQmjhd5b2ShXgydT4e8vDYNeGtKMwacZM-olmxhxRXSikJnOH1yDZQwueg9NADMbBkEAhYrN3DZEGMOvRkjv6XRgjstTG3iEhkbwbGxHiSGEBU5wRlSLUNEBwpLoQ_jEPkIY&sai=AMfl-YSbRAuhxv7EzHW5-_v6YIGUciypA2JOwCArqeBpP0fDZ7uYz4Sv77Ka4eHRFyqLZfK0euMuUkcbAdxIJiNGK4vs5DztkEMPivJ1Qfs-hTeXIrSc5BA2NoK12kchUTm73tM&sig=Cg0ArKJSzJhPL0YuCt2QEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com
URL: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8D4 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDQmiEghxSvnxn4fZoM7KoXDs4MP6tn04PWVfexOV19_d_FPnfhce9fFl9fmfGz85MXSaWKc15gEZPAsfbecBf_Bcz3hCZJVY2vpYOQ5OIjybqTytYAN5F79mDRNz0FE93sUWfsFvgmEsnGtTsWaEYI4ywn0yz7iJ8R8nl1-sSLPAUTLH6Ne-wj13ZEQAvRAY0JxP4KEjsoGAhpP2zS60atXCoHRxZXeeMexjH8Tzp4zvaTjg0FQIpu9xLnje3rvfEVbR2taE2jw-xwiq0LirMHHMzmofmwP-vmj7bAVhjud4u2WHCF18JwxhgbQNQneHqjNSK25OCjg&sai=AMfl-YSPz5nv745KHHhdEjbu4Jma1BvbObxLzgLNXdGubj4SkMEVpeaQyj0a5DUzRhA1L25f7s89j5PoaLvs09EpOrcuR9_vozI9G-IPY26k-L9EE9KET_P1839TCzwdDD2q5xI&sig=Cg0ArKJSzNX2nA5sMqhsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4857 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv45ZqTL1lzbaJ9cLwc9xH6WF1V8OM3aQH-U3MSzUkCBiJAi4XktunRgozCvuoEmdaSJafj0D-3kyle2rfCMdWwVTzjFUdKA5P-Pm0lfHxO4w0z9d7tl7zgzpYWhMKICBQMGnT6qmx4MJt64nGXLa_fuSCy_effmiZAGDT74bxozH0aYhXnnWBJg8MmIpnUUq4_xr3G1EATgmNNe0AjD4Uq1hR-yQKsf3b890vAhhjCAuwxk6HSB6JtYEYE1w6c-Tw_gspct84zZODKEz4X3PuydzR782jV9qaP9mZXoQv_E1GaCtlNoDBEoOFJebqD_qFiMc52&sai=AMfl-YQHTc3nuJTrGJgI3l6udWigkPz8vXp_EB8gthN9Zg9yMYcCjBr4l-6CWMDkbJ2UUsLsd8uDIjPxTwWlEMTsZAwq6m_1buIsJPgst159ng4g49wy1AmGDGrrdiCTUw&sig=Cg0ArKJSzPegfT_r72V2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
DATA 200
OK truncated
/ Frame 4857 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 906f174d1d18086a12d675727a472fd2f38f65c0927a06b03e341597a5d1c712

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6812 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0782677b733b305e3955d5901b360da8225742817a3c66865ece8f17d7bfcd7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E8D4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c21ed5650bb6d2d9903dd124ddd00db53a2affd46c7b25c0b0e647354c45f25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 48FA 170 B
232 B 87ms
26ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 48FA 70 B
264 B 109ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 48FA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB&dcc=t

43 B
568 B

105ms
103ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: YKA6HTPAKTPGRS2RZ1DS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: TRW0VR07E1SEKSYWF99K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 48FA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8wR3bZ.frVxN0hBYJKXAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2

43 B
840 B

37ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e561b908925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS7bV1ILsbLlguro3TSUcYpxspC8PlPjBr9kmleZS6lsw0ECND4qX9fw77mqD7Ofr8MGCjYU0mthdbgPs2TeqkdKpOXiRTOPhz8%2BWpzHMEAj08IW2MHnJwfrL114vhXRJMI9KpWfZ15x7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 48FA
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
840 B

27ms
26ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e56d6fe8925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDGaDL%2FQ0JkP9x7YBpT2Z1Oq6%2FUmN0NY3AqgWLsaL114BpWGnABNyWii%2F196GGtA1rJwDsjvi7S4mbJsCbivcZiftazIls2macsAg9h7zLsUf7YQVC%2BM39hi1pX16FZuAkM132vr63s51g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Mon, 12 Sep 2022 13:12:41 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 48FA 0
125 B 102ms
21ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yx8wR2O021FL3GC3I7KFWgAABGoAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 48FA
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=OlWTBT9WllQhB8RXaVaPVThTkFIhAJQFbQAAcHPD

43 B
849 B

65ms
59ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=OlWTBT9WllQhB8RXaVaPVThTkFIhAJQFbQAAcHPD
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e5605ef9925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fz8lZpQikz90%2BxrgyjNRFTw757Trpha%2B6r8aMbx1qVOzIPMdKk9s54xdCAiVQOMc3IDUrlQLyHk4%2F94y%2FZkNF6872cJHqrhaRlL1r7aUMeK6RmoL%2F30Sob3xMXiNf%2FRI6NaHpqM%2F2CcFsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=OlWTBT9WllQhB8RXaVaPVThTkFIhAJQFbQAAcHPD
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 48FA
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
843 B

48ms
46ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e560ffdd925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyaCmI4hMTy%2F8aeweR03r11aE8Hvh%2F7TohXZnfVKazyB8KWdBOktn5ipXruT2tEBd7Z38WWPtadIllJozjAqzcYpOF8pu2wPIvCWzEz64YRuZT3SXEXaw6MMhLIeMaAQuQ%2Fo9jAYFqVg6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 12 Sep 2022 13:12:39 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 48FA 43 B
103 B 105ms
28ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx8wR2O021FL3GC3I7KFWgAA%261130
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e56038c79271-FRA
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 41
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 17:12:39 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B5CC 70 B
264 B 107ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B5CC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8wR3bZ.frVxN0hBYJKXAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDno0kWQgFjBX6YZd1vGPG0&google_cver=1&gdpr=1&google_hm=2

43 B
843 B

82ms
58ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDno0kWQgFjBX6YZd1vGPG0&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e5605ef4925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7%2F6OS3jlCZueQrdN6oK9o7rx%2B78V08ed5V3wmWaRG%2BjPZjT0Lt8vsuXOmuT523FDL2QJw5tk20JgxuBmsoBLktGiDJP3vlYgyKUTjEcGyFUxdMp0aSQdfiJYKykLZ0QY4AKSEfIFPS5RA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDno0kWQgFjBX6YZd1vGPG0&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B5CC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wRyfa23je6MHIDnBMbwAABFIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wRyfa23je6MHIDnBMbwAABFIAAAAB&dcc=t

43 B
568 B

101ms
99ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wRyfa23je6MHIDnBMbwAABFIAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: N3T363VX8J1KRY8NVPFH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: H51KQTD839Q83KDJB6AF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wRyfa23je6MHIDnBMbwAABFIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B5CC 170 B
232 B 41ms
27ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8wRyfa23je6MHIDnBMbwAABFIAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame B5CC 0
44 B 353ms
98ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-length: 0
server: c

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B5CC 0
191 B 124ms
41ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B5CC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=hKgPql0b1OxJeT5&gdpr=1

43 B
846 B

69ms
46ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=hKgPql0b1OxJeT5&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e560bf7d925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BbOGRozva2YhJMVjIYrJLiVNOjEtvB1km1ytBGk14tmi0UV%2FH61PLyXKiwv66dWVXe5%2FxGuthLtbJjaSZx6hOudzQEkqwd3cRXwHylbiohoKCiQoGLUKF5mYQGYMXCo5QtYcS%2BN%2BFFEUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=hKgPql0b1OxJeT5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B5CC 43 B
220 B 162ms
28ms Image
image/gif 3.126.157.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.157.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-157-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame B5CC 43 B
351 B 101ms
25ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx8wRyfa23je6MHIDnBMbwAA%261106
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e56038c99271-FRA
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 41
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 17:12:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3874 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstz7u_aaah0cyfvfTqKj09POkEVjUb9eeayKA44Ba4j0CMaV42eaC3Fw1UQBDVw0ViA6-0v6AuWINSseSsFtB6FeKiM_ZYDNxZ-L5FTnEuMy9sIT5hbME0GZgcOu7FsQlzV4YD9LRBZ2lL39a3UDMudOSudW_CrqWPzS05q2EH-E0bM-2tbNm4RFWYXxx2gMfpboABj2LuHIZZGCs4kKCDbj62sHkwPDAHQmS10loulYEfXHMSPI5qwA0GZme80wqnGpWCzVoZBkFNdPlKemojK_g2tqODU4Hp3xgUJ6ABA8UKbs4aeRw4qpSDA6EEFMkewpn33XRs1cTQ-gpnpbkyInHEpfvfl49MfFzZS7Y7_kJBRVynVUJtUVxSa4g&sai=AMfl-YQCfns15lH0QgCu8LHD0EUlYVXxeLBTBXlJrBo-FEoucXtOgkIvFpFL0bgQhVft2rvDFoMwPc-aqWKazYR-8UtgLgIEL9azEn25nidLJGs_WCBjj7R8DZuZaLf3XKA&sig=Cg0ArKJSzDCtMGvTI7J2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
DATA 200
OK truncated
/ Frame 3874 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca7306a00c6467f9ab2f18f7c685197edf36a9840d88cee4c09788cb72494159

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6648 170 B
502 B 69ms
25ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8wR3bZ-frVxN0hBYJKXAAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6648
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR3bZ-frVxN0hBYJKXAAABHcAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR3bZ-frVxN0hBYJKXAAABHcAAAAB&dcc=t

43 B
568 B

99ms
98ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR3bZ-frVxN0hBYJKXAAABHcAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: MN31TR48Z0WV4XPJ7Z8W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 2FCQ0K2XVDY74QEYKQTV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8wR3bZ-frVxN0hBYJKXAAABHcAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6648 70 B
265 B 60ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6648
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8wR3bZ.frVxN0hBYJKXAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2

43 B
846 B

39ms
37ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e561b906925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=or%2FbP4q%2FuwAWm4VcXtVnMh5PVg%2BKPY9%2FBTMzgsa8yurjllNWvfWZt8gbahzHzTI%2F2b5DyM7es%2FoD5PNMd4ZLnN7d4t088VHhPcWrkchg2f6aCMpfeR%2B7i7FRtFX56octjOdym0nw0ivefg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFII9lNfAwFOlQX8uqJPDhg&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 6648
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162747591201799416&uid=Q7162747591201799416&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

17ms
15ms

Image
image/gif

23.75.246.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-246-168.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 12 Sep 2022 13:12:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 503 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 6648 0
177 B 73ms
0ms Image
text/plain 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1662988360.717166,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19134-FRA

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6648
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
847 B

51ms
47ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e560ffdb925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCq4rX%2F63PCnt8ClvfB1kwpiAU2k7%2FkIiNNh1WRv7cGF8tBMv%2B6TWmeNeSWrdGrKK6yspXCSWp%2FZajrg72X%2BM%2FXgFElqh968r14kEU6XV6vG27W0e2HEfEQFVtxj24QwfIjhiW7NGl7U4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 12 Sep 2022 13:12:39 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6648
Redirect Chain

https://ums.acuityplatform.com/tum?umid=8
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692397895948

43 B
879 B

56ms
49ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692397895948
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e5605efb925c-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDA9QwPlU9BYhqh7Z7AsDsFfniv4DrrEtBZ%2FiczxKhXu5CVA5PsSWkkxV2CqCEv6jNjzKmq9XNx354CHETukhMfEC2bCgOMkb9Q6EkXxk7lT0zcfhF4xE602OAQlPg2ZBBbMK7rNAXBJzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

access-control-allow-origin: *
content-length: 0
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692397895948

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 6648 43 B
102 B 100ms
26ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx8wR3bZ.frVxN0hBYJKXAAA%261143
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7498e56038cb9271-FRA
date: Mon, 12 Sep 2022 13:12:39 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 41
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 17:12:39 GMT

OPTIONS
H3 200 704
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 156ms
156ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/704?story_url=https%3A%2F%2Fwww.kold.com%2F&visitor=bf1dz3bty6ytjzfe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7498e55fbfdf5bed-FRA
date: Mon, 12 Sep 2022 13:12:39 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 639
date: Mon, 12 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 15:02:00 GMT

POST
H3 200 704 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
548 B 172ms
172ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/704?story_url=https%3A%2F%2Fwww.kold.com%2F&visitor=bf1dz3bty6ytjzfe

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76999e50e7bd72e8fc1cc357c256f6b9d6b086c6cf695e05b2cf053dd0f4e43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-YJRX+NVOwqsbqYxf1GxKPhaQhWY"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 7498e560fde49b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 27ms
25ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1134
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 09:44:26 GMT
server: cloudflare
etag: W/"2e2f-18321a2e090"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7498e55fbc2a9b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 13:12:39 GMT

GET
H3 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 25ms
23ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1134
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"f2a-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7498e55fbc2b9b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 13:12:39 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 27ms
26ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1134
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"8abb-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7498e55fbc2c9b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 13:12:39 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1134
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"19c7-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7498e55fbc2d9b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 13:12:39 GMT

GET
H3 200 61634863_dd48023917ee7628fa39bb1583fb33f5_creative_def.js Show response
s0.2mdn.net/ads/richmedia/studio/creative/61615318/ 4 KB
1 KB 80ms
20ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/creative/61615318/61634863_dd48023917ee7628fa39bb1583fb33f5_creative_def.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d703212e12ffcc70403adaae7d72eae71928d44d1b6bf73575b3d455c1a6bb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 07:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1479
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 12:44:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 07:45:59 GMT

GET
H3 200 html_expanding_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ 200 KB
69 KB 85ms
26ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_expanding_rendering_lib_200_260.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c46b0f3202b6ed3de261c7db6330ada35ebe706b9aa54266fbb843a727bbd0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 23:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70581
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Sep 2022 23:30:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6812 0
0 64ms
58ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1o9tIvI2ZvJ7UFomW6FG6PVnern7MSiC1Z4b-nVrJmhlKSfiTEfD-qCHL0eO_s2-TlS2gGPdENZHQ-ex6xU1QjHXin5OJz-cpIEWsApxay1B2Nb4g-1DLPO6TQQ3NLL-HIG8ex_0zaX9lyTsnMLIFFuIYOsvhf3_lKUl2Uzi3XEcxcQ8KWIYK1UudOA6nJhN75ak9cghCUv5QUPhV_YFWSO2bW2inTgcNLVnxR5hjwnrzCRD_H-DcqFn_kf1XZjEU4BFMsKLTgoCLxOsKe0JiuxB29k_3X0IThYSbA1SPzfXQHX5Pozkq_JIN3z0GhA0IBSjh&sai=AMfl-YSrKsaeZxSdMsrCF8HyBaGdwZXoRKEPa5_sv4oWU_yas99JgKKga6Ob3CYl1hgV_Nj5ajk7pCVFf5TStVszy2SBZFoXW85Y1lLHQK1upER2McrQNSzXv4ILARTvV-s&sig=Cg0ArKJSzDM-5fnydix3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 13:12:39 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 106ms
50ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81117537-17&cid=1092319172.1662988359&jid=1132280723&gjid=567155608&_gid=1285671193.1662988359&_u=ACCAgEABCAAAAE~&z=682955412

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 13:12:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
25ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1722949696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kold.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=1132280723&gjid=567155608&cid=1092319172.1662988359&tid=UA-81117537-17&_gid=1285671193.1662988359&z=1015863325

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 17:46:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69977
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1144 Show response
api-esp.piano.io/publisher/unattended/ Frame F38D 138 KB
46 KB 144ms
144ms Document
text/html 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4995efa69f4ecbfe4a7187e5acdb2a1131610b2b1d1f7375f05725366e4db51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000 public
cf-cache-status: DYNAMIC
cf-ray: 7498e5600c989b3f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 13:12:39 GMT
etag: W/"22682-LExzyUZpIdsk76fZ2i4eHzXaeKY"
expires: Tue, 12 Sep 2023 13:12:39 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF78 0
0 90ms
75ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC4jBs3gEtGV5Bm_9ttO_w5VfVpD2VhNAYx32ar5WYwVnYOcYx_CzKfXe7Xle2U8nQ01Oh285WiREbsV7UDZmc0nrLufeqJL7FzW_PeqMV5b9-r24iRX8oLHNW3yGwaDVPwJ0sGBRaatC2IREzq16YL8kczQ1miG_ornbNWs49YuyAsv3JWxpvidbKoKdp0OQrxZO2thaFldAiATE-9MXmhzIcnixsB8eYE5L5jUlcj5-f91jLZgcw408nnNkUtGEXiVMFEFxeAL-Z5qzi3F8ORci2n1iUnJnfC2EMlY-equ98zNg9Jn6bKqNSvQRsDH17AnNTPg&sai=AMfl-YTX4y-i4HInb4pXTfW6gxOVhCy1MxfNI3NfirQtRbOzy3GaVd8YPVm8l4Z1PMAXsTKGTW0ebXfSreVNOdmUJ2wcFZoV5C2ea2ao3jfW2whPNaCNM8vJNhweaBrNB9A&sig=Cg0ArKJSzMKyK7P31CZQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK appnexus-html5-lib-host.min.js Show response
acdn.adnxs.com/html5-lib/host/1.4.0/ Frame FF78 11 KB
4 KB 25ms
9ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Age: 21999
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3768
X-Served-By: cache-lga21961-LGA, cache-fra19145-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 23 May 2018 13:47:22 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1662988360.709422,VS0,VE0
ETag: W/"5b0570ea-2b85"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 18 Mar 2022 06:59:53 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 7629

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame FF78 85 KB
29 KB 120ms
26ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Age: 1052080
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29299
X-Served-By: cache-lga13622-LGA, cache-fra19144-FRA
Access-Control-Allow-Origin: *, *
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
X-Timer: S1662988360.795651,VS0,VE0
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 31 Aug 2023 08:58:00 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 1270533

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame FF78 0
813 B 217ms
119ms Image
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.kold.com%252F&e=wqT_3QK1C_BMtQUAAAMA1gAFAQjH4PyYBhCk6oT6773flCQYzLeQrczp_5lRKjYJZ2ZmZmZm1j8Rb_CFyVTB0D8ZAAAAwPUoFkAhb_CFyVTB0D8pZmYJJNgxAAAAQOF68D8wwqLNDDiXbUCBZkgCUO7Mx7UBWJr6nwFgAGjg9cEBeKzxBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NDc3NTA3LCAxNjYyOTg4MzU5KTt1ZignaScsIDYwMjk2MjMsIDE2Nh0ALGcnLCAxODc0Mjk3N0Y7ADBzJywgMjc3NDYxMTA5Rh8AMHInLCAzODA3NTc2MTQ2HwDwsJIC1QQhY20yaFp3alhpYzBaRU83TXg3VUJHQUFnbXZxZkFUQUJPQUJBQUVpQlpsRENvczBNV0FCZzNBRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUtvQVFLd0FRQzVBVDJpM3JLZFNkWV93UUZxanlVWVoyYldQOGtCQUFBQUFBQUE4RF9aQVJDU0JVemcxdThfNEFHM2d2QUM5UUhvVExJLW1BSUFvQUlDdFFJQQEzCHZRSQEH8FhBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NMLUgxU1FRQkJnQkxjRnptVHFpQXhNSXc3eUxKQkFLR0FFdEFBQ0FQeklEZFc1cgU0MFBfSWtTUVFDeGdDTFEBb8BDNkF3bEJUVk16T2pZd01EYmdBNkV2Z0FUN2tMTUdpQVREOFlZSmtBUUJtQVFFd1FRATUJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBWDJMcGdGOWZDbWhBR3BCBXAgQUFBUEFfc1FVAQoJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmJpUkF2QUZ3ZjMzQ1BnRmc2bk9Bb0lHQTBWVlVvZ0dEcEFHQVpnR0FLRUdBQUENAiRDb0JnU3lCaVFKDREBAQBSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIV9oT0hsUTpZAixKcjZud0VnQUNnQU0R6RBBQUFPZy5dAUBaQW9TOUpFSklGVE9EVzd6OR15AEIdeQBCHXkEQnABSAkBBEJ4CQgBARBCNEFJazVw8Ko4RDgu2AIA4AL6mF3qAhVodHRwczovL3d3dy5rb2xkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdGuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQPMTMwNTcjQU1TMzo2MDA22gQCCAHgBAHwBO6BfCCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX5_Uv6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbLwQLaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB6zxBdIHDRV3ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=2d1978cd3e0e9c8693537e944871eb0f6ca09165

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4f9d02bd-f560-41ac-a752-067922ebfa2e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF78 141 KB
44 KB 151ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 131ms
33ms Image
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=161733&purl=https%3A%2F%2Fwww.kold.com%2F&tst=1662988360&iid=b6a07684-e2a8-41a7-8301-95e77849853a-ndfdi&bidid=409b749428a4495&pid=6819&pdvid=9&slot=ad-YEo80zaSSBBI&au=%2F63316753%2Fkold%2Fweb%2Fhomepage&bc=appnexus&pn=appnexus&en=0.26&eg=0.26&kgpv=.*%40.*%40.*&piid=
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK index.html Show response
crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/ Frame 7069 3 KB
2 KB 102ms
24ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWPyQ1Qf_ufSkkzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAABCbjMQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_hOHlQjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwMDZAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDA2%2Fbn%3D96428%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGKTqhPrvvd-UJCIMMzcuNTguNTguMjQ4MMfg_JgG
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 57b9b383ca541aa1ad22af3dcc8f094ff58a3baa8a20f180883132ee57a29e67

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 1576193
Cache-Control: max-age=3888000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1042
Content-Type: text/html
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: W/"ba4480781b04b3a31473981842391053"
Expires: Sun, 09 Oct 2022 07:22:46 GMT
Last-Modified: Wed, 24 Aug 2022 08:26:36 GMT
Server: nginx/1.21.3
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, HIT
X-Cache-Hits: 0, 272
X-Clv-Request-Id: 85c1ffca-bfbb-451e-954d-7a204f2f81a5
X-Clv-S3-Version: 2.5
X-Served-By: cache-lga21941-LGA, cache-fra19124-FRA
X-Timer: S1662988360.816905,VS0,VE0
x-amz-request-id: 85c1ffca-bfbb-451e-954d-7a204f2f81a5

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9BC4 52 KB
17 KB 24ms
23ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 30868
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 13:12:39 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 299981
X-Served-By: cache-lga21958-LGA, cache-fra19145-FRA
X-Timer: S1662988360.741206,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame FF78 0
813 B 86ms
37ms Script
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.kold.com%2F&e=wqT_3QLMDfBMzAYAAAMA1gAFAQjH4PyYBhCk6oT6773flCQYzLeQrczp_5lRKjYJZ2ZmZmZm1j8Rb_CFyVTB0D8ZAAAAwPUoFkAhb_CFyVTB0D8pZmYJJNgxAAAAQOF68D8wwqLNDDiXbUCBZkgCUO7Mx7UBWJr6nwFgAGjg9cEBeKzxBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NDc3NTA3LCAxNjYyOTg4MzU5KTt1ZignaScsIDYwMjk2MjMsIDE2Nh0ALGcnLCAxODc0Mjk3N0Y7ADBzJywgMjc3NDYxMTA5Rh8AMHInLCAzODA3NTc2MTQ2HwDwsJIC1QQhY20yaFp3alhpYzBaRU83TXg3VUJHQUFnbXZxZkFUQUJPQUJBQUVpQlpsRENvczBNV0FCZzNBRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUtvQVFLd0FRQzVBVDJpM3JLZFNkWV93UUZxanlVWVoyYldQOGtCQUFBQUFBQUE4RF9aQVJDU0JVemcxdThfNEFHM2d2QUM5UUhvVExJLW1BSUFvQUlDdFFJQQEzCHZRSQEH8FhBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NMLUgxU1FRQkJnQkxjRnptVHFpQXhNSXc3eUxKQkFLR0FFdEFBQ0FQeklEZFc1cgU0MFBfSWtTUVFDeGdDTFEBb8BDNkF3bEJUVk16T2pZd01EYmdBNkV2Z0FUN2tMTUdpQVREOFlZSmtBUUJtQVFFd1FRATUJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBWDJMcGdGOWZDbWhBR3BCBXAgQUFBUEFfc1FVAQoJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmJpUkF2QUZ3ZjMzQ1BnRmc2bk9Bb0lHQTBWVlVvZ0dEcEFHQVpnR0FLRUdBQUENAiRDb0JnU3lCaVFKDREBAQBSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIV9oT0hsUTpZAixKcjZud0VnQUNnQU0R6RBBQUFPZy5dAUBaQW9TOUpFSklGVE9EVzd6OR15AEIdeQBCHXkEQnABSAkBBEJ4CQgBARBCNEFJazVw8EY4RDgu2AIA4AL6mF3qAhVodHRwczovL3d3dy5rb2xkLmNvbS_yAhEKBkFEVl9JRBIHNTQ3NzUwN_ICEgoGQ1BHX0lEEggxOGmLEPICEgoFQSsIRBIJdYEQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOFBAKBUlPXwGJBDYwhR0A8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8EOAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdGuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OAED8D4yNDioBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQPMTMwNTcjQU1TMzo2MDA22gQCCAHgBAHwBO6hkyCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX5_Uv6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbLwQLaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB6zxBdIHDRV3ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=c2f0a9299a32a8b947b813f2c225bd1b94344d7a&bdref=https%3A%2F%2Fwww.kold.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.kold.com%2F,https%3A%2F%2Fwww.kold.com%2F&

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cf36870b-28ca-4ea4-aa90-417888ee75f6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 visible Show response
trc.taboola.com/graytv-koldnews13/log/3/ 0
60 B 68ms
37ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/log/3/visible?tvi2=8529&route=AM%3AAM%3AV&lti=vignette-disclosure_ctrl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662988360.793553,VS0,VE9
x-served-by: cache-fra19165-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/graytv-koldnews13/log/3/ 0
297 B 66ms
37ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/log/3/bulk?tvi2=8529&route=AM%3AAM%3AV&lti=vignette-disclosure_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662988360.793670,VS0,VE8
x-served-by: cache-fra19165-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9BC4 0
741 B 93ms
92ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13975&pub_id=2165561&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2796779e-703e-409a-8a54-68c25d9e2794
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/ Frame 188B 78 KB
21 KB 48ms
42ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=RrgT1ZETeE&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_expanding_rendering_lib_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8b9718d88d74d6f539ebdb4f72470461f941693421e6da6a205b422808523f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 21323
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 13:12:39 GMT
expires: Tue, 13 Sep 2022 13:12:39 GMT
last-modified: Thu, 05 Nov 2020 17:51:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
709 B 17ms
14ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 21350
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: JaB2VZccswddTqwJ7/mcediCDg0wFFInP8HOv6ivSWhba0pfTqAJTJNmShXPe3AZIWkTu7d0lpI=
x-served-by: cache-fra19165-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1662988360.832551,VS0,VE0
date: Mon, 12 Sep 2022 13:12:39 GMT
x-amz-request-id: DM4W3S4YY3F5F4G8
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 51
x-cache-hits: 7475

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame FF78 0
832 B 20ms
15ms Ping
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.kold.com%2F&e=wqT_3QK1C_BMtQUAAAMA1gAFAQjH4PyYBhCk6oT6773flCQYzLeQrczp_5lRKjYJZ2ZmZmZm1j8Rb_CFyVTB0D8ZAAAAwPUoFkAhb_CFyVTB0D8pZmYJJNgxAAAAQOF68D8wwqLNDDiXbUCBZkgCUO7Mx7UBWJr6nwFgAGjg9cEBeKzxBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NDc3NTA3LCAxNjYyOTg4MzU5KTt1ZignaScsIDYwMjk2MjMsIDE2Nh0ALGcnLCAxODc0Mjk3N0Y7ADBzJywgMjc3NDYxMTA5Rh8AMHInLCAzODA3NTc2MTQ2HwDwsJIC1QQhY20yaFp3alhpYzBaRU83TXg3VUJHQUFnbXZxZkFUQUJPQUJBQUVpQlpsRENvczBNV0FCZzNBRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUtvQVFLd0FRQzVBVDJpM3JLZFNkWV93UUZxanlVWVoyYldQOGtCQUFBQUFBQUE4RF9aQVJDU0JVemcxdThfNEFHM2d2QUM5UUhvVExJLW1BSUFvQUlDdFFJQQEzCHZRSQEH8FhBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NMLUgxU1FRQkJnQkxjRnptVHFpQXhNSXc3eUxKQkFLR0FFdEFBQ0FQeklEZFc1cgU0MFBfSWtTUVFDeGdDTFEBb8BDNkF3bEJUVk16T2pZd01EYmdBNkV2Z0FUN2tMTUdpQVREOFlZSmtBUUJtQVFFd1FRATUJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBWDJMcGdGOWZDbWhBR3BCBXAgQUFBUEFfc1FVAQoJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmJpUkF2QUZ3ZjMzQ1BnRmc2bk9Bb0lHQTBWVlVvZ0dEcEFHQVpnR0FLRUdBQUENAiRDb0JnU3lCaVFKDREBAQBSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIV9oT0hsUTpZAixKcjZud0VnQUNnQU0R6RBBQUFPZy5dAUBaQW9TOUpFSklGVE9EVzd6OR15AEIdeQBCHXkEQnABSAkBBEJ4CQgBARBCNEFJazVw8Ko4RDgu2AIA4AL6mF3qAhVodHRwczovL3d3dy5rb2xkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdGuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQPMTMwNTcjQU1TMzo2MDA22gQCCAHgBAHwBO6BfCCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX5_Uv6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbLwQLaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB6zxBdIHDRV3ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=2d1978cd3e0e9c8693537e944871eb0f6ca09165&type=nv&nvt=5&jm=1003&px=436&py=1826&bw=728&bh=90&sid=6930894171771826515&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26431810&sw=1600&sh=1200&pw=1600&ph=4656&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b7e27435-ef05-4f41-bb32-761b1ee963cb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK main.css
crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/ Frame 7069 4 KB
2 KB 13ms
7ms Stylesheet
text/css 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/main.css
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWPyQ1Qf_ufSkkzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAABCbjMQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_hOHlQjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwMDZAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDA2%2Fbn%3D96428%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGKTqhPrvvd-UJCIMMzcuNTguNTguMjQ4MMfg_JgG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 24831f120c3bfb062c7472c1b4412f0e09ef997039798788fd3f8cec946080e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWPyQ1Qf_ufSkkzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAABCbjMQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_hOHlQjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwMDZAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDA2%2Fbn%3D96428%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGKTqhPrvvd-UJCIMMzcuNTguNTguMjQ4MMfg_JgG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Age: 1658752
Accept-Ranges: bytes
X-Cache: HIT, HIT
Connection: keep-alive
x-amz-request-id: 594465f8-40af-4802-a11c-59f4a7c3f301
X-Served-By: cache-lga21967-LGA, cache-fra19124-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 24 Aug 2022 08:26:35 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662988360.865527,VS0,VE0
ETag: W/"e71f5994d59e56c0f44e9c6a86b5fbe6"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Expires: Sat, 08 Oct 2022 08:26:48 GMT
X-Clv-Request-Id: 594465f8-40af-4802-a11c-59f4a7c3f301
Content-Length: 1013
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 194

GET
H/1.1 200
OK appnexus-html5-lib.min.js Show response
acdn.adnxs.com/html5-lib/1.3.0/ Frame 7069 9 KB
3 KB 13ms
7ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/1.3.0/appnexus-html5-lib.min.js
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWPyQ1Qf_ufSkkzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAABCbjMQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_hOHlQjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwMDZAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDA2%2Fbn%3D96428%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGKTqhPrvvd-UJCIMMzcuNTguNTguMjQ4MMfg_JgG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Age: 23398
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2930
X-Served-By: cache-lga13627-LGA, cache-fra19145-FRA
Access-Control-Allow-Origin: *
Last-Modified: Tue, 31 May 2016 15:39:23 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1662988360.864929,VS0,VE0
ETag: W/"574db02b-2499"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 17 Mar 2022 06:36:31 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 8057

GET
DATA 200
OK truncated
/ Frame FF78 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67cdd901973b2bbb41b4380c7133c228f79ed79c6946909fcd7dfa15aa97a7df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame F38D 2 KB
1 KB 86ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 13:03:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 13:12:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 188B 110 KB
38 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=RrgT1ZETeE&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=RrgT1ZETeE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Sep 2022 16:04:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA67 0
0 55ms
51ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYfOZGFZNWAVhkMFaVdr9dfAJqz5RqV9nRdnDAc2hgiD1nxU-YlG8DUFNCV-YoDRu4pagmNy53LPzC6UrSB5zhwLQaPwcqWhHk_dTPX1wuWxzltN_IspqBm8a8u2rcfLo4jL-DEdPeZ6THB1G_z9i6vF3IrMO4SjazoDFbQ2uOkqaZ2c1IWnd4VLpQSbBiCLvMOTn7yytZZmy3pA-qXvg2OthFixTlQH3TriUJbYiiQtU0qa_WNJHc3oRLawMxnJR8Ymc3d_C4xZbxGQKnislrPvE5XlC_6zJv3-8enLqIwFgy469KiOWjAcw1ak6L1yupcGMjjzqiPYsy80GKKJ5V8Das&sai=AMfl-YTBPHTJxI7iBQ5GdKUcoydZbUrFjtTMCPgGzSBFfDqelqrAw0CvBsEI8QOIhpIxA7T4Q3EHO05q7b1OvSNGZhcamcAigYqJtSDGXzeVKAwlMLHkhRNrOko2EjyHvzw&sig=Cg0ArKJSzF5qPYdSLHsTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame BA67 118 KB
42 KB 62ms
9ms Script
application/javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a991cef8e1b302989f94dad4a0e23a70dd561b60d2b41f58ed87228f0051f9c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2022 13:16:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"62f3af90-1d8e8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 42145
Expires: Tue, 13 Sep 2022 13:12:41 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame BA67 85 KB
29 KB 10ms
7ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Content-Encoding: gzip
Age: 1052080
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29299
X-Served-By: cache-lga13622-LGA, cache-fra19144-FRA
Access-Control-Allow-Origin: *, *
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
X-Timer: S1662988360.917314,VS0,VE0
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 31 Aug 2023 08:58:00 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 1270535

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame BA67 0
813 B 30ms
27ms Image
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.kold.com%252F&e=wqT_3QK0C_BMtAUAAAMA1gAFAQjH4PyYBhDBhqmT7a6V-lIYzLeQrczp_5lRKjYJZ2ZmZmZm1j8Rb_CFyVTB0D8ZAAAAwPUoFkAhb_CFyVTB0D8pZmYJJNgxAAAAQOF68D8wwqLNDDiXbUCBZkgCUO7Mx7UBWJr6nwFgAGjg9cEBeJD0BYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NDc3NTA3LCAxNjYyOTg4MzU5KTt1ZignaScsIDYwMjk2MjMsIDE2Nh0ALGcnLCAxODc0Mjk3N0Y7ADBzJywgMjc3NDYxMTA5Rh8AMHInLCAzODA3NTc2MTQ2HwDwsJIC1QQhUkcycFRRalhpYzBaRU83TXg3VUJHQUFnbXZxZkFUQUJPQUJBQUVpQlpsRENvczBNV0FCZzNBRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUtvQVFLd0FRQzVBVDJpM3JLZFNkWV93UUZxanlVWVoyYldQOGtCQUFBQUFBQUE4RF9aQVJDU0JVemcxdThfNEFHM2d2QUM5UUhvVExJLW1BSUFvQUlDdFFJQQEzCHZRSQEH8FhBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NMLUgxU1FRQkJnQkxjRnptVHFpQXhNSXc3eUxKQkFLR0FFdEFBQ0FQeklEZFc1cgU0MFBfSWtTUVFDeGdDTFEBb8BDNkF3bEJUVk16T2pZd056amdBNkV2Z0FUN2tMTUdpQVREOFlZSmtBUUJtQVFFd1FRATUJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBVy1MNWdGOWZDbWhBR3BCBXAgQUFBUEFfc1FVAQoJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmJpUkF2QUZ3ZjMzQ1BnRmc2bk9Bb0lHQTBWVlVvZ0dEcEFHQVpnR0FLRUdBQUENAiRDb0JnU3lCaVFKDREBAQBSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIUJ4UUVtQTpZAixKcjZud0VnQUNnQU0R6RBBQUFPZy5dAUBoQW9TOUpFSklGVE9EVzd6OR15AEIdeQBCHXkEQnABSAkBBEJ4CQgBARBCNEFJazVw8PU4RDgu2AIA4AL6mF3qAhVodHRwczovL3d3dy5rb2xkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdGuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA8xMzA1NyNBTVMzOjYwNzjaBAIIAeAEAfAE7szHtQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5_Uv6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGy8EC2gYWChAJEhkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLoGQADIB5D0BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=c7e01a86aa76d17540249aa6f4965e003345cf5a

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:39 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c8b1cb1e-684c-404f-bb5f-4086dab36aad
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA67 141 KB
44 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 30ms
27ms Image
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=161733&purl=https%3A%2F%2Fwww.kold.com%2F&tst=1662988360&iid=d3e0baab-57ba-4b7e-bb9d-d58e70cd8dca-feide&bidid=39424ab458b307f&pid=6819&pdvid=9&slot=ad-E-rg4IgSgSs&au=%2F63316753%2Fkold%2Fweb%2Fhomepage%2Fstory-feature&bc=appnexus&pn=appnexus&en=0.26&eg=0.26&kgpv=.*%40.*%40.*&piid=
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:39 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK tick-empty.png
crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/images/ Frame 7069 2 KB
2 KB 24ms
24ms Image
image/png 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/images/tick-empty.png
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 8baa2cde580e6619426c5927fc76c331128c85a63c1e963e640ed91634d852e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:39 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1658751
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 1776
X-Served-By: cache-lga21967-LGA, cache-fra19124-FRA
Last-Modified: Wed, 24 Aug 2022 08:26:35 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662988360.918956,VS0,VE0
ETag: "fd55ce028317f4f9f524bf10f34b0763"
x-amz-request-id: 99fdb477-34e7-4d86-95dc-1ba05f44e11d
Access-Control-Allow-Origin: *
Expires: Sat, 08 Oct 2022 08:26:49 GMT
X-Clv-Request-Id: 99fdb477-34e7-4d86-95dc-1ba05f44e11d
Accept-Ranges: bytes
Content-Type: image/png
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 197

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF78 0
0 60ms
58ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXmQFSGr5nbycAxd4CNxVLnd0adstAI8dYPQzFsl7Z3z9TKdYkJAmITGorCWmeEEgi5gowzoeFLz59fbmZbGziIF-LKsQGfCSxDfbcPNlOEFtlsXa7Kzu9TbbyEWCPD6kQD0UA9fTVf2W50GBT9hfFCJ1bZADdV0D-i85u0tIBgVxAIcTncGilDkbkPdVijW_6NN4lrnmip2mPgf-iaLFG3UVptR8IZQX_2willnan1KI1ysW2MU7gxsC2foDWOrwrAflMtTPy7M-VoA-o3YKubf-vqxQZZujuJGhAmSxVkro_Yj_m6I330WhC9MniwROwxmF8QNjl&sai=AMfl-YTcSYFlwOs3rpO2BNL2HBfjwk8G8qQQM_cotmb_dxHFBsIESqbK-VIrE9NamG7kJLQ91MxDwCwkhRwndIarnYuusjfiaHdJk986-hoGGzPaoVUHWX-f-lYOqDFuIlA&sig=Cg0ArKJSzOtoEZJxHc2zEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 13:12:39 GMT

GET
DATA 200
OK truncated
/ Frame 188B 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 188B 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 188B 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 188B 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 188B 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 141ms
99ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 12 Sep 2022 13:12:40 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame BA67 0
15 B 131ms
102ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 13:12:40 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK appnexus-html5-lib-host.min.js Show response
acdn.adnxs.com/html5-lib/host/1.4.0/ Frame BA67 11 KB
4 KB 7ms
7ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:40 GMT
Content-Encoding: gzip
Age: 21999
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3768
X-Served-By: cache-lga21961-LGA, cache-fra19145-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 23 May 2018 13:47:22 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1662988360.057930,VS0,VE0
ETag: W/"5b0570ea-2b85"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 18 Mar 2022 06:59:53 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 7630

GET
H/1.1 200
OK index.html Show response
crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/ Frame B2B3 3 KB
2 KB 10ms
10ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWP0FDatJ2VfRSzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAAhCauWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BxQEmAjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwNzhAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDc4%2Fbn%3D96784%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGMGGqZPtrpX6UiIMMzcuNTguNTguMjQ4MMfg_JgG
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 57b9b383ca541aa1ad22af3dcc8f094ff58a3baa8a20f180883132ee57a29e67

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 1576194
Cache-Control: max-age=3888000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1042
Content-Type: text/html
Date: Mon, 12 Sep 2022 13:12:40 GMT
ETag: W/"ba4480781b04b3a31473981842391053"
Expires: Sun, 09 Oct 2022 07:22:46 GMT
Last-Modified: Wed, 24 Aug 2022 08:26:36 GMT
Server: nginx/1.21.3
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, HIT
X-Cache-Hits: 0, 273
X-Clv-Request-Id: 85c1ffca-bfbb-451e-954d-7a204f2f81a5
X-Clv-S3-Version: 2.5
X-Served-By: cache-lga21941-LGA, cache-fra19124-FRA
X-Timer: S1662988360.074169,VS0,VE0
x-amz-request-id: 85c1ffca-bfbb-451e-954d-7a204f2f81a5

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5F87 52 KB
17 KB 8ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 30868
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 13:12:40 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 299986
X-Served-By: cache-lga21958-LGA, cache-fra19145-FRA
X-Timer: S1662988360.078285,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame BA67 0
813 B 20ms
19ms Script
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.kold.com%2F&e=wqT_3QLLDfBMywYAAAMA1gAFAQjH4PyYBhDBhqmT7a6V-lIYzLeQrczp_5lRKjYJZ2ZmZmZm1j8Rb_CFyVTB0D8ZAAAAwPUoFkAhb_CFyVTB0D8pZmYJJNgxAAAAQOF68D8wwqLNDDiXbUCBZkgCUO7Mx7UBWJr6nwFgAGjg9cEBeJD0BYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NDc3NTA3LCAxNjYyOTg4MzU5KTt1ZignaScsIDYwMjk2MjMsIDE2Nh0ALGcnLCAxODc0Mjk3N0Y7ADBzJywgMjc3NDYxMTA5Rh8AMHInLCAzODA3NTc2MTQ2HwDwsJIC1QQhUkcycFRRalhpYzBaRU83TXg3VUJHQUFnbXZxZkFUQUJPQUJBQUVpQlpsRENvczBNV0FCZzNBRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUtvQVFLd0FRQzVBVDJpM3JLZFNkWV93UUZxanlVWVoyYldQOGtCQUFBQUFBQUE4RF9aQVJDU0JVemcxdThfNEFHM2d2QUM5UUhvVExJLW1BSUFvQUlDdFFJQQEzCHZRSQEH8FhBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NMLUgxU1FRQkJnQkxjRnptVHFpQXhNSXc3eUxKQkFLR0FFdEFBQ0FQeklEZFc1cgU0MFBfSWtTUVFDeGdDTFEBb8BDNkF3bEJUVk16T2pZd056amdBNkV2Z0FUN2tMTUdpQVREOFlZSmtBUUJtQVFFd1FRATUJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBVy1MNWdGOWZDbWhBR3BCBXAgQUFBUEFfc1FVAQoJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmJpUkF2QUZ3ZjMzQ1BnRmc2bk9Bb0lHQTBWVlVvZ0dEcEFHQVpnR0FLRUdBQUENAiRDb0JnU3lCaVFKDREBAQBSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIUJ4UUVtQTpZAixKcjZud0VnQUNnQU0R6RBBQUFPZy5dAUBoQW9TOUpFSklGVE9EVzd6OR15AEIdeQBCHXkEQnABSAkBBEJ4CQgBARBCNEFJazVw8EY4RDgu2AIA4AL6mF3qAhVodHRwczovL3d3dy5rb2xkLmNvbS_yAhEKBkFEVl9JRBIHNTQ3NzUwN_ICEgoGQ1BHX0lEEggxOGmLEPICEgoFQSsIRBIJdYEQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOFBAKBUlPXwGJBDYwhR0A8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8EOAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdGuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OAED8EwyNDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA8xMzA1NyNBTVMzOjYwNzjaBAIIAeAEAfAE7szHtQGIBQGYBQCgBf___wkDGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBfn9S_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsvBAtoGFgoQCRIZAVgQABgA4AYB8gYCCACABwGIBwCgBwG6BwG7TAAYACAAMAA4ugZAAMgHkPQF0gcNFXcBHgjaBwYBcHAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=950d91c86e60e044e06aa0a118f93b3404436561&bdref=https%3A%2F%2Fwww.kold.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.kold.com%2F,https%3A%2F%2Fwww.kold.com%2F&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bf34641c-0be9-4e0e-b69a-705137a5b14a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 mail-logo.png
api-esp.piano.io/public/sdk/v04/assets/ Frame F38D 18 KB
18 KB 20ms
20ms Image
image/png 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-esp.piano.io/public/sdk/v04/assets/mail-logo.png

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:40 GMT
cf-cache-status: HIT
age: 1356
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18301
last-modified: Fri, 09 Sep 2022 09:44:26 GMT
server: cloudflare
etag: W/"477d-18321a2e090"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7498e562787c9b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 13:12:40 GMT

GET
H3 200 success.png
api-esp.piano.io/public/sdk/v04/assets/ Frame F38D 20 KB
20 KB 23ms
22ms Image
image/png 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-esp.piano.io/public/sdk/v04/assets/success.png

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:40 GMT
cf-cache-status: HIT
age: 1364
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20011
last-modified: Fri, 09 Sep 2022 09:44:26 GMT
server: cloudflare
etag: W/"4e2b-18321a2e090"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7498e562787e9b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 13:12:40 GMT

POST
H3 200 w_shown Show response
api-esp.piano.io/tracker/lucid/event/704/1144/ 39 B
519 B 132ms
132ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/event/704/1144/w_shown?src_story=https%3A%2F%2Fwww.kold.com%2F&visitor=bf1dz3bty6ytjzfe

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 13:12:40 GMT
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 7498e5639a469b3f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H/1.1 200
OK main.css
crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/ Frame B2B3 4 KB
2 KB 8ms
7ms Stylesheet
text/css 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/main.css
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWP0FDatJ2VfRSzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAAhCauWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BxQEmAjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwNzhAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDc4%2Fbn%3D96784%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGMGGqZPtrpX6UiIMMzcuNTguNTguMjQ4MMfg_JgG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 24831f120c3bfb062c7472c1b4412f0e09ef997039798788fd3f8cec946080e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWP0FDatJ2VfRSzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAAhCauWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BxQEmAjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwNzhAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDc4%2Fbn%3D96784%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGMGGqZPtrpX6UiIMMzcuNTguNTguMjQ4MMfg_JgG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:40 GMT
Content-Encoding: gzip
Age: 1658752
Accept-Ranges: bytes
X-Cache: HIT, HIT
Connection: keep-alive
x-amz-request-id: 594465f8-40af-4802-a11c-59f4a7c3f301
X-Served-By: cache-lga21967-LGA, cache-fra19124-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 24 Aug 2022 08:26:35 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662988360.108492,VS0,VE0
ETag: W/"e71f5994d59e56c0f44e9c6a86b5fbe6"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Expires: Sat, 08 Oct 2022 08:26:48 GMT
X-Clv-Request-Id: 594465f8-40af-4802-a11c-59f4a7c3f301
Content-Length: 1013
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 195

GET
H/1.1 200
OK appnexus-html5-lib.min.js Show response
acdn.adnxs.com/html5-lib/1.3.0/ Frame B2B3 9 KB
3 KB 8ms
8ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/1.3.0/appnexus-html5-lib.min.js
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FZ2ZmZmZm1j9v8IXJVMHQPwAAAMD1KBZAb_CFyVTB0D9mZmZmZmbWP0FDatJ2VfRSzBukxUz_M1FHMB9jAAAAAEJRkwGXNgAAATMAAAIAAABu5rEWGv0nAAAAAABVU0QAVVNEANgCWgDgegAAAAABAQUCAAAAAOAAhCauWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BxQEmAjXic0ZEO7Mx7UBGJr6nwEgACgAMQAAAAAAAAAAOglBTVMzOjYwNzhAoS9JEJIFTODW7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTMwNTcjQU1TMzo2MDc4%2Fbn%3D96784%2Fclickenc%3Dhttps%253A%252F%252Fwww.jetztmitmachen.com%252F_static%252F_supload%252F2007%252F1174%252F%253Fpartner_pk%253D2007%2526wingame_pk%253D138%2526freetest_pk%253D1345%2526sub_id%253D18742977-277461109-380757614%2526sub_id_postback%253Dams3CMy3kK3M6f-ZURACGMGGqZPtrpX6UiIMMzcuNTguNTguMjQ4MMfg_JgG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:40 GMT
Content-Encoding: gzip
Age: 23398
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2930
X-Served-By: cache-lga13627-LGA, cache-fra19145-FRA
Access-Control-Allow-Origin: *
Last-Modified: Tue, 31 May 2016 15:39:23 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1662988360.107901,VS0,VE0
ETag: W/"574db02b-2499"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 17 Mar 2022 06:36:31 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 8059

OPTIONS
H3 200 w_shown
api-esp.piano.io/tracker/lucid/event/704/1144/ Frame 0
0 144ms
143ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/event/704/1144/w_shown?src_story=https%3A%2F%2Fwww.kold.com%2F&visitor=bf1dz3bty6ytjzfe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7498e562bcac5bed-FRA
date: Mon, 12 Sep 2022 13:12:40 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA67 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3wRfI73eTL25m4Tx3lyF7BU0rKZdKfcE4EfDTjcSqCIXtiNqzCWSrg_YVtGgW7HlbmKmZLNrpIO0MCGKgKJqrpp64iOQErGq30sMmWlYb5ic6oIIu6lWzzAUC2bI4ScDEMAgx6K83D4VDD3yg4LGZCNgXwgKTtQP_SDpOLBUa2CrB814EN_S9g7390tve2kmP-w2EL3xvfm4Q7mVisT5vAV-zRTptBzZr8ow42MMV3Q2X68kyc3ZisGk1XLVDZ6fLtxRRbrreUKNK_0bTT09LQWKSrr_guuMVYEBepPIUKC6C7xhrtZJNDYGh-tmnqN-3hMRhqlBNXYuaJfUycrBoMtI4GMQ&sai=AMfl-YR5FTkSK83uQX5fpTUT6SD4c4sq2C8AVowfIAJyvIhSuGK1zMkg5vHIiuSvS6t38EMqJ9zesvFU75uRDgzrC8MgkILrcuqUI7MgvJ5xuHcCnnZnnXadXOSQOhl4i0g&sig=Cg0ArKJSzDmPccJKWXsEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 13:12:40 GMT

GET
DATA 200
OK truncated
/ Frame BA67 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93a6229364ea99750402bd241d0b6e0db233d09a606bdc3a05d12eaca5b538ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame BA67 0
832 B 14ms
13ms Ping
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.kold.com%2F&e=wqT_3QK0C_BMtAUAAAMA1gAFAQjH4PyYBhDBhqmT7a6V-lIYzLeQrczp_5lRKjYJZ2ZmZmZm1j8Rb_CFyVTB0D8ZAAAAwPUoFkAhb_CFyVTB0D8pZmYJJNgxAAAAQOF68D8wwqLNDDiXbUCBZkgCUO7Mx7UBWJr6nwFgAGjg9cEBeJD0BYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NDc3NTA3LCAxNjYyOTg4MzU5KTt1ZignaScsIDYwMjk2MjMsIDE2Nh0ALGcnLCAxODc0Mjk3N0Y7ADBzJywgMjc3NDYxMTA5Rh8AMHInLCAzODA3NTc2MTQ2HwDwsJIC1QQhUkcycFRRalhpYzBaRU83TXg3VUJHQUFnbXZxZkFUQUJPQUJBQUVpQlpsRENvczBNV0FCZzNBRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUtvQVFLd0FRQzVBVDJpM3JLZFNkWV93UUZxanlVWVoyYldQOGtCQUFBQUFBQUE4RF9aQVJDU0JVemcxdThfNEFHM2d2QUM5UUhvVExJLW1BSUFvQUlDdFFJQQEzCHZRSQEH8FhBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NMLUgxU1FRQkJnQkxjRnptVHFpQXhNSXc3eUxKQkFLR0FFdEFBQ0FQeklEZFc1cgU0MFBfSWtTUVFDeGdDTFEBb8BDNkF3bEJUVk16T2pZd056amdBNkV2Z0FUN2tMTUdpQVREOFlZSmtBUUJtQVFFd1FRATUJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBVy1MNWdGOWZDbWhBR3BCBXAgQUFBUEFfc1FVAQoJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmJpUkF2QUZ3ZjMzQ1BnRmc2bk9Bb0lHQTBWVlVvZ0dEcEFHQVpnR0FLRUdBQUENAiRDb0JnU3lCaVFKDREBAQBSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIUJ4UUVtQTpZAixKcjZud0VnQUNnQU0R6RBBQUFPZy5dAUBoQW9TOUpFSklGVE9EVzd6OR15AEIdeQBCHXkEQnABSAkBBEJ4CQgBARBCNEFJazVw8PU4RDgu2AIA4AL6mF3qAhVodHRwczovL3d3dy5rb2xkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdGuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA8xMzA1NyNBTVMzOjYwNzjaBAIIAeAEAfAE7szHtQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5_Uv6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGy8EC2gYWChAJEhkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLoGQADIB5D0BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=c7e01a86aa76d17540249aa6f4965e003345cf5a&type=nv&nvt=5&jm=1003&px=278&py=798&bw=728&bh=90&sid=6930894171771826515&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26431810&sw=1600&sh=1200&pw=1600&ph=4672&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c43a8305-ba12-4550-b781-15407106c589
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F87 0
741 B 14ms
14ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13975&pub_id=2165561&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 12425f79-557d-4281-869e-ddeb4e99dde3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tick-empty.png
crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/images/ Frame B2B3 2 KB
2 KB 8ms
7ms Image
image/png 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/images/tick-empty.png
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 8baa2cde580e6619426c5927fc76c331128c85a63c1e963e640ed91634d852e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/13057/2022/8/24/39037079/DE_728x90_Voting_Tempolimit_Gas/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:12:40 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1658751
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 1776
X-Served-By: cache-lga21967-LGA, cache-fra19124-FRA
Last-Modified: Wed, 24 Aug 2022 08:26:35 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662988360.155565,VS0,VE0
ETag: "fd55ce028317f4f9f524bf10f34b0763"
x-amz-request-id: 99fdb477-34e7-4d86-95dc-1ba05f44e11d
Access-Control-Allow-Origin: *
Expires: Sat, 08 Oct 2022 08:26:49 GMT
X-Clv-Request-Id: 99fdb477-34e7-4d86-95dc-1ba05f44e11d
Accept-Ranges: bytes
Content-Type: image/png
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 198

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
336 B 141ms
64ms XHR
application/json 52.18.161.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.161.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-161-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 96ca183f6f61ba1172aa8c6c5a1810520190f2784082319e4ba42dea34b6816c

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:40 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
x-server: 10.45.24.187
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ 0
212 B 535ms
173ms XHR
text/plain 34.208.243.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
pragma: no-cache
date: Mon, 12 Sep 2022 13:12:40 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
387 B 34ms
34ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: d14db3f5c46c69f8c440d7678247e477126dd4e644b325f1726f5802b38bca1f

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Sep 2022 13:12:40 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 12 Oct 2022 13:12:40 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 399F 0
741 B 14ms
13ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1d69287b-d5a6-4627-a39d-fff9047f2ed1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5C91 0
741 B 13ms
12ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cd12b4d7-0dc9-46c9-8b3b-3f9e3ac3107c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B734 0
741 B 13ms
12ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0d181795-07e3-4ddf-9195-acc68b0d0a27
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8D4 42 B
497 B 97ms
50ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2TRdMHJ3omCpJZyRK8Pq4Mm6obruGk9l-Wg_mA3ZBlIRhM3WzXr5qUrbA47IwOOInsyk4yp2u8n4C2j2kJxYWs5kELcM6DzsPMvZFGZl7a4Ix34iB&sig=Cg0ArKJSzOGoC1vswDPnEAE&id=lidar2&mcvt=1000&p=186,-150,1386,1750&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=19&adk=713564622&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662988359198&rpt=332&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4857 42 B
108 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk7zYbeVbxOSPXkRN9brrnnGZYiY6u7iZddk_vd_efJvxvK0DJRGIGfsIBLLrTroo9AP_FU24LVY4zRuytZK9zb7AsD1wxDrtwSXZ-dOWL_KyFCJgS&sig=Cg0ArKJSzEQJCqZ2-Mk9EAE&id=lidar2&mcvt=1000&p=629,1135,1229,1435&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=0.95&vu=1&app=0&itpl=3&adk=1460125478&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662988359432&rpt=152&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3874 42 B
64 B 76ms
48ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZrDvL6Kp69IjkHBScbMBw-3c8ms38ROp3VrKsmfkGuhFFi-_leIZCBt1ebzvH0u00g79gXwYIV8GfGbhv6yAknEnZjtLjPod5yCppwanIrsSmKgJ2&sig=Cg0ArKJSzJmpcEgv2nQIEAE&id=lidar2&mcvt=1000&p=519,1135,569,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1640516046&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662988359460&rpt=156&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 1567
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: F8fWGFzrdVWhLupDq29v1CrVWyVHDJ9VY+NHsCa4kuz5A8ARCJsgs4Rw523OOwMbXHN72uV0Dsg=
x-served-by: cache-fra19165-FRA
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
server: AmazonS3
x-timer: S1662988361.702644,VS0,VE0
date: Mon, 12 Sep 2022 13:12:40 GMT
vary: Accept-Encoding
x-amz-request-id: ESE4FK737266DTMR
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 51
x-cache-hits: 3481

GET
H2 200 / Show response
pips.taboola.com/ 64 B
238 B 23ms
7ms XHR
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: f76be8aeae1d8dfd158c47335ed63dc38df393e4e4d0d227bb94962cdbabbede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:40 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19130-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 487ms
157ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=0f0cb0c4-1943-4795-bf6c-d2f254c62cf1-tucta18b5c6&uad=c88b840f447f11dd645c51a5e9f381774f4c89becd41b0e094b005faac64b4b8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Sep 2022 13:12:41 GMT
cache-control: no-store
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9BC4 0
741 B 13ms
13ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13975&pub_id=2165561&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:40 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54ca0f82-419d-4789-abc4-e98fed5d8491
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
119 B 18ms
16ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 34ms
32ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 35ms
34ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 35ms
33ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 34ms
33ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 36ms
36ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 38ms
37ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA67 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvujJQmNhFK9GlKv6pK2f7dtSGJJbMromidq4CPu8hFpJN2_i5VPe5_kit71DPbrwXVWfAdRwmCgZeLgQfFMjmFr5WPWN-rvt1IfSn91lhQm6KkjS_t&sig=Cg0ArKJSzOiRDSokY0o2EAE&id=lidar2&mcvt=1000&p=798,278,892,1006&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=1059339992&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662988359903&rpt=214&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:12:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F87 0
741 B 13ms
13ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13975&pub_id=2165561&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13975&pub_id=2165561

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:41 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 77c9aba3-5401-4812-a8b2-eb9b567b1bbd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame BA67 0
832 B 13ms
13ms Ping
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.kold.com%2F&e=wqT_3QK0C_BMtAUAAAMA1gAFAQjH4PyYBhDBhqmT7a6V-lIYzLeQrczp_5lRKjYJZ2ZmZmZm1j8Rb_CFyVTB0D8ZAAAAwPUoFkAhb_CFyVTB0D8pZmYJJNgxAAAAQOF68D8wwqLNDDiXbUCBZkgCUO7Mx7UBWJr6nwFgAGjg9cEBeJD0BYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApYBdWYoJ2EnLCA1NDc3NTA3LCAxNjYyOTg4MzU5KTt1ZignaScsIDYwMjk2MjMsIDE2Nh0ALGcnLCAxODc0Mjk3N0Y7ADBzJywgMjc3NDYxMTA5Rh8AMHInLCAzODA3NTc2MTQ2HwDwsJIC1QQhUkcycFRRalhpYzBaRU83TXg3VUJHQUFnbXZxZkFUQUJPQUJBQUVpQlpsRENvczBNV0FCZzNBRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUtvQVFLd0FRQzVBVDJpM3JLZFNkWV93UUZxanlVWVoyYldQOGtCQUFBQUFBQUE4RF9aQVJDU0JVemcxdThfNEFHM2d2QUM5UUhvVExJLW1BSUFvQUlDdFFJQQEzCHZRSQEH8FhBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NMLUgxU1FRQkJnQkxjRnptVHFpQXhNSXc3eUxKQkFLR0FFdEFBQ0FQeklEZFc1cgU0MFBfSWtTUVFDeGdDTFEBb8BDNkF3bEJUVk16T2pZd056amdBNkV2Z0FUN2tMTUdpQVREOFlZSmtBUUJtQVFFd1FRATUJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBVy1MNWdGOWZDbWhBR3BCBXAgQUFBUEFfc1FVAQoJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmJpUkF2QUZ3ZjMzQ1BnRmc2bk9Bb0lHQTBWVlVvZ0dEcEFHQVpnR0FLRUdBQUENAiRDb0JnU3lCaVFKDREBAQBSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIUJ4UUVtQTpZAixKcjZud0VnQUNnQU0R6RBBQUFPZy5dAUBoQW9TOUpFSklGVE9EVzd6OR15AEIdeQBCHXkEQnABSAkBBEJ4CQgBARBCNEFJazVw8PU4RDgu2AIA4AL6mF3qAhVodHRwczovL3d3dy5rb2xkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdGuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA8xMzA1NyNBTVMzOjYwNzjaBAIIAeAEAfAE7szHtQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5_Uv6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGy8EC2gYWChAJEhkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLoGQADIB5D0BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=c7e01a86aa76d17540249aa6f4965e003345cf5a&type=pv&jm=1003&px=278&py=798&bw=728&bh=90&sf=1&sid=6930894171771826515&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26431810&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 13:12:41 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1bb9d47a-3be0-414c-b3fa-2ccbd4a13e7b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
66ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

461849280f7111861aea95ecd5990e3ed73966bddbdc5d2e5f55058eaac7693a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 13:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11184
x-xss-protection: 0

GET
H3 200 970x90.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/ Frame 188B 87 KB
87 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/970x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ee1d727cb89b739a9ed11ffaac0cf86f49c719749320168b04e9e29695e3077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=RrgT1ZETeE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:38:22 GMT
x-content-type-options: nosniff
age: 12859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88667
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 17:51:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 09:38:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 13:12:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01F3 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 13:02:13 GMT
expires: Tue, 12 Sep 2023 13:02:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F48A 783 B
534 B 23ms
23ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d556b6b9ab282856cf02c22b25cd730f9418d3f4eb69150c2e17a73ded783418

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RjAYiPVsDKcrr2D0TqPwdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-RjAYiPVsDKcrr2D0TqPwdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 13:12:41 GMT
expires: Mon, 12 Sep 2022 13:12:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 01F3 36 KB
16 KB 26ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 09:46:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F48A 0
0 59ms
59ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090701&jk=671339152331792&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 01F3 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rA2C6A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090701&jk=671339152331792&bg=!HR6lHlrNAAZTikH4c4o7ACkAdvg8WoNlYzNGZpfnhuBtH_8wIbtf1pTMFdeG-vxIRjW9HZR3At6WSQIAAABKUgAAAAFoAQeZAuKV8bb8sNkkEae5TFnbbPlQwBrLJx0UYGqWgzTHvtG8X9JY-aqyOQYgit9rPeYUdOIrqr2hWaghcnB6hLF-9RnhecaAVew2BlyMN86H0ETGHz5ybxpKhzxvYOKsXCKaMPc2P4d0J869UOwp9Y5fbThAUxmC6hAupgPG7UpCJ59ywKNiT0PL0wcgPUha9Enrw66qEjNvZWbW1eP4h1Z76x0ZBFQbX-TjHbFTWZvmbvZu0gkPGzoGPzihfXeJTEMFU6Mc5FjD_FOv50a0G63YAhtcaB4E51Qbugt7gltYckWR9hpounBpZwJDm0yBEDL99r25_5jd5VbVLANy-mOsnOZZz0pQMuegZLMogniiXX-4j8a06Wzwumig5tcGrug7kTZsKjrsS5M3mfQ6BVT_8tpfVvSTCWfcAFs0XbUqc3XESeM_BJb3JJQxFi3CD4zDS4c1buD35Ukkax5He-BoAPQMot2zeq3BXIdGMmhByNSENY-MasBB48Z-b54aS2dr8wdjCS_BXs_lSLagY40114Bq1LTerpTEuxiO1SJbPIcmsP7BUH-FCQviHCg74J8sIfhGflCQHnW2Bd8gNhz-x1gF0Z_Rw99aVQ5Q8pJHTdU7abXjK9RlzFSKbWw4wO3R4KlVNwcOipeKMgX6D-odET5F02rwuQo0d83Eg_C3eDqQL2kHt3t1SC1B_swE33RYVzaw--aNUM_a8_29stseCwnbRzGDaPr0dj3F5-qNTfJmbFkpqt6eGEG92S0i_1gnYus6OGmwi7jy9XVNOqpL-VaX1VnewJGCbeU-SuATslsY7le90lQ1nrNPRwOETaP95VJ2qBiKLchc3v-EqbBNsaSXDuPfDLUSI5Su6LKZlDPQkMjayyXcPlv7pPSK2Xylu8uWlRvOrq0Qibf6kFbzAEqdUeJiRMJSGTtbOF-bwEHBe1c9c4eV4vVy3fgtVWv_x0cTOtXDZulHs2Uy1bQhMFpEc3I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
265 B 8ms
8ms Image
image/gif 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=19&c2=10477191&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1662988363089&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20105.0.5195.102&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1662988358086&ns_ts=1662988358086&ns_ap_cfg=1110101-111-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1662988358086&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.kold.com%2F&c8=Home&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:12:43 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: 8EFIOi6SSwZB6Qm6B-TtvVO-JOtTNeF0RCojEizqisTtKRv1TyuZYg==
x-cache: Miss from cloudfront
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/476dfeb0-1072-0138-f111-06a9ed4ca31b

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.piano.io/	1970-01-20 05:56:30	Name: __cf_bm Value: zR3Z.BatfiygkdmBFvCQmfb0aygmHIxQob3nsa8OxHw-1662988358-0-Aa8FtR9GMqVfZPdVhPVUhKGgf4jZp1B1CWs49bV3KZoFGpP2zEOIlfJYRrncF8G4YCmb89Rzq2xtQ7EF7NU1DVk=
www.kold.com/	1970-01-20 06:39:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kold.com/	1970-01-20 14:42:04	Name: usprivacy Value: 1---
.kold.com/	1970-01-20 15:25:16	Name: _cb Value: DBZuFU7z30HDF80zo
.kold.com/	1970-01-20 15:25:16	Name: _chartbeat2 Value: .1662988358429.1662988358429.1.DOK-X-C_fn0EB7PIJgDIK6zDDY8Cxq.1
.kold.com/	1970-01-20 05:56:30	Name: _cb_svref Value: null
www.kold.com/	1970-01-20 14:42:04	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D0f0cb0c4-1943-4795-bf6c-d2f254c62cf1-tucta18b5c6
www.kold.com/	1970-01-20 15:18:04	Name: cto_bidid Value: nzSo1F9rOTZHQlpHMW4yJTJCQThmQSUyQnV3U2VIS3haY211cDklMkJ1b284U0w3SkpiUTl4SiUyQmVGYURCd2dSQ24lMkJtVDdUOVR5WiUyQktFZ0ZoOEYxMWpkZFZXNEU0aFgzZyUzRCUzRA
www.kold.com/	1970-01-20 15:18:04	Name: cto_bundle Value: y3u1ol91WVJtamFZUjc4c0VRMUliV3RVOFFSMGpvaDM3d01WN0Z6VnJTU3RBJTJCWWZqWkhVTHpZQ0FTSTVTbTYyM25iZVJRM2FBZVBzeW5zUFF2YlVlaTVoWVlCVWpuJTJCWmZVWld2bDhYdVAyZUttOU1xZWEzNVpXN2ExSmQ1dm01YTlhYjE
.kold.com/	1970-01-20 15:32:28	Name: _ga_RN7RQJ27EZ Value: GS1.1.1662988358.1.0.1662988358.0.0.0
.kold.com/	1970-01-20 15:32:28	Name: _ga Value: GA1.2.1092319172.1662988359
.kold.com/	1970-01-20 05:57:54	Name: _gid Value: GA1.2.1285671193.1662988359
.kold.com/	1970-01-20 05:56:28	Name: _gat_RMD Value: 1
.kold.com/	1970-01-20 05:56:28	Name: _gat_UA-154518538-42 Value: 1
.kold.com/	1970-01-20 15:32:28	Name: _awl Value: 2.1662988358.0.5-dd79427cb63363f9413dab86aeb7ada6-6763652d6575726f70652d7765737431-0
.adnxs.com/	1970-01-20 08:06:04	Name: icu Value: ChkIuZaEARAKGAIgAigCMMfg_JgGOAJAAkgCEMfg_JgGGAE.
.adnxs.com/	1970-01-20 08:06:04	Name: uuid2 Value: 5851301046082870220
.casalemedia.com/	1970-01-20 08:06:04	Name: CMPS Value: 1149
.casalemedia.com/	1970-01-20 05:57:54	Name: CMST Value: Yx8wR2MfMEcA
.casalemedia.com/	1970-01-20 14:42:04	Name: CMID Value: Yx8wR3bZ.frVxN0hBYJKXAAA
.casalemedia.com/	1970-01-20 08:06:04	Name: CMPRO Value: 1143
.casalemedia.com/	1970-01-20 14:42:04	Name: CMRUM3 Value: 27631f30470b40&e6631f30472760&0a631f304727600&c4631f304705a0&2d631f304705a0&f1631f304705a0&58631f304705a0&1f631f304705a00
www.kold.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1662988359630%2C%22visitNumber%22%3A1%7D
www.kold.com/	1970-01-20 14:42:04	Name: pnespsdk_visitor Value: bf1dz3bty6ytjzfe
.kold.com/	1970-01-20 05:56:28	Name: _gat Value: 1
.kold.com/	1970-01-20 15:18:04	Name: __gads Value: ID=a5dbdfcabc0b7d97:T=1662988359:S=ALNI_MawNdsujsOFNLA4WwrqWXLWILcf_A
.w55c.net/	1970-01-20 15:25:16	Name: wfivefivec Value: hKgPql0b1OxJeT5
.owneriq.net/	1970-01-20 15:32:28	Name: si Value: Q7162747591201799416
.owneriq.net/	1970-01-20 06:10:52	Name: p2 Value: cc
.quantserve.com/	1970-01-20 08:06:04	Name: d Value: EFYBDQGKJ7jvsQA
.quantserve.com/	1970-01-20 15:26:42	Name: mc Value: 631f3047-af4e0-64521-f6faf
.acuityplatform.com/	1970-01-20 14:42:04	Name: auid Value: 692397895948
.acuityplatform.com/	1970-01-20 14:42:04	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQUw6SUGCmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFMOklBgo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.w55c.net/	1970-01-20 06:39:40	Name: matchcasale Value: 5
.doubleclick.net/	1970-01-20 15:18:04	Name: IDE Value: AHWqTUmQyxjoY-2UDbdxPYDzNf1W7T3X1bSu5S-i6TcJzMa1H3RTQVJJhxsixNc3EJQ
www.kold.com/	1970-01-20 05:56:31	Name: _lr_retry_request Value: true
www.kold.com/	1970-01-20 06:39:40	Name: _lr_env_src_ats Value: false
www.kold.com/	1970-01-20 07:22:52	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-12T13%3A12%3A40%22%7D
.kold.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1663074760334
www.kold.com/	1970-01-20 10:15:40	Name: _pubcid Value: %7B%7D
.casalemedia.com/	1970-01-20 08:06:04	Name: CMTS Value: 1116
.www.kold.com/	1970-01-20 06:06:33	Name: RT Value: "z=1&dm=www.kold.com&si=014027f3-44e6-469b-baf7-b9903e9a63e9&ss=l7ysbw18&sl=1&tt=49d&rl=1&ld=49g"

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tag.simpli.fi/sifitag/476dfeb0-1072-0138-f111-06a9ed4ca31b Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-T0jWfhRAyFUcvrqFuorYNDftpwdsY1zN0QvfwV/8rhE='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-qMhaRniomOw4rhmmMY38tzu+rtPV87zJ/MMIxsH73B4='), or a nonce ('nonce-...') is required to enable inline execution.
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 Message: Failed to load resource: the server responded with a status of 503 ()
javascript	error	URL: https://www.kold.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.kold.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs-simple.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams3-ib.adnxs.com
api-esp.piano.io
api.rlcdn.com
c.go-mpulse.net
cdn.adnxs.com
cdn.indexww.com
cdn.taboola.com
cdnjs.cloudflare.com
cdnmetv.metv.com
cds.taboola.com
ce0c9508bb8b25c718fc53a3525532e8.safeframe.googlesyndication.com
cm.g.doubleclick.net
code.jquery.com
crcdn01.adnxs-simple.com
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
gray-kold-prod.cdn.arcpublishing.com
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
image6.pubmatic.com
images.taboola.com
js-sec.indexww.com
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
mug.criteo.com
operationchicken.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.quantserve.com
pm.w55c.net
polyfill.io
px.owneriq.net
r.casalemedia.com
reconditerespect.com
region1.google-analytics.com
s.amazon-adsystem.com
s.go-mpulse.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
staticcdn.metv.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
t.pubmatic.com
tag.simpli.fi
tpc.googlesyndication.com
trc.taboola.com
ums.acuityplatform.com
ups.analytics.yahoo.com
use.fontawesome.com
webpubcontent.raycommedia.com
www.burst.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kold.com
www.metv.com
www.queryly.com
www.tucsonnewsnow.com
x.bidswitch.net
api.rlcdn.com
tag.simpli.fi
104.18.18.126
104.18.19.126
13.32.121.37
141.226.230.50
142.250.185.130
142.250.185.66
15.197.193.217
151.101.129.108
151.101.129.44
151.101.130.49
151.101.65.108
154.59.122.79
162.19.80.91
178.250.2.146
18.156.0.31
18.157.110.72
185.183.112.148
185.59.220.193
185.64.189.112
185.64.190.78
185.64.190.82
185.83.142.19
185.89.210.153
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3a
209.54.182.161
23.35.236.188
23.35.236.201
23.35.236.247
23.36.162.26
23.75.246.168
2400:52e0:1e00::864:1
2600:1901:0:3b3e::1
2600:1901:0:ccb0::1
2600:9000:223c:7000:18:1fcd:351:7bc1
2600:9000:223f:0:8:48e:53c0:93a1
2606:4700:20::ac43:497c
2606:4700:3032::ac43:a9f7
2606:4700::6810:2a41
2606:4700::6811:190e
2606:4700::6812:c4c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:802::2002
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9a
2a02:2638::1c
2a02:26f0:3500:12::1730:178a
2a02:26f0:3500:586::11a6
2a02:26f0:3500:981::11a6
2a02:26f0:6c00::210:bb59
2a04:4e42:200::300
2a04:4e42:400::282
2a04:4e42:400::714
3.126.157.114
34.208.243.53
34.95.69.49
38.91.45.7
44.195.113.55
52.18.161.218
52.217.33.182
52.222.214.127
52.7.195.165
66.155.71.25
0123b68651830a2433646d068171fef24441fdf9e3cbb5947d038711970098bb
016c4ac91b8281be40f97f8b924e6c5b2341ae8fe23427815e05ed91a9021b66
0238a5e03d24382af780b4822763126445d02d941e491fb3fa15dadfd7326e35
02693e200cffca75ad921196bb3b4c7f42b366d0f6fd821f8008395df2037378
02be4814af7695fbd75e69d7cf079fa60f013ffdeda2f0da49fdcca573fb99a7
0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7
059ab69039d3f4ba876a646e45a77b6394cf0e7ae0a1d37cbb3ea2ada9830ef1
0782677b733b305e3955d5901b360da8225742817a3c66865ece8f17d7bfcd7d
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc2c7b7a806dc41008767b294d7f15ed50a9f479a5d62ab4f6a897133ba7c62
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd2f6f201dd23b6e4c2debb62301fdf02faca8a5b114c861b574a5f1207686c
0c1ae6c99f2f4dd96a622ba3dd3e03241b9969384f4b161a259f24e2c4375f98
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
101aec24c62f2459e99a3f952d5effb7c5b4097c0c9c7be9297badff4bea393f
11d9b866023d83f49920f69b0bb910dcef0921445d644bceb56decd487be7000
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
13e4a7155e236f5fdec886cc91cb29b1dcd431407edb588229097858d46e0aba
140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae
1506fca8d943d86b7e00215d84febef963ab3f985a404bb3cac19fd730bbb300
159c7219a100ebf1a6fd0115c64ddac36c8a318ee8e39ac4922690a7ba59aef4
16e7976f7795a81f10dce7829437edd10c61d19aa4be66438e63b56cc3ba80a6
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1cb9e32ad9fce79b2e64465148a49f922925714bd4d7cdce657ae59b4e3eaa69
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
24831f120c3bfb062c7472c1b4412f0e09ef997039798788fd3f8cec946080e2
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
2552e1825bf522ebd1c3df634701a5e9ee49ad261924272bdb10a29d6efcab22
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
27ac1a71c957bc05469f89ceda81baeca2e4a18965143649949e1e2503d0aa65
295395be0491744949c2b9cd1fd45424ed72796ce7cd8220ffab768d5ed9bd52
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2c280f4460dd82e94094fbaf0069ed0217d5d2778d57d3eefaf0d0e6e83f4905
2d3989504c349c740bf360831b0cb07127fe9683f8c5405e6dc90423c77228aa
2debbc1274658a3631e1f38f57ef69756898cfea81bcd85490222639a44b91a8
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3308f2cd5a4fefd61bef6f22619732e08ab23d94445bf1d0c0fbe6b93b7cba19
339437c6a5c2522973d4eeb5be0ccc1c8c911129ac100f84bf10e26c2efd2486
3444e6e1fd6657e018f6b0582e1fd9baf7ea77a57cb2a4b3417e4ca18ba0256a
353c5f8fdb83bea0dbf3c470decf933e60a72fd61d05091bcb2be7d5052ad1d4
3878350bc095d255b559f83126544ee4a377a9a408590236900aee18618a296b
3c0eebb084c60d188b19d7e2935a28c04176877b741abddbde9b5b2c061a4f1a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
44676ef217047696a3bc0a97f58adfefefc6c2be8ba06c3634cb4e251f5d51db
45dac65109fd91f5a840bb8f1590dad189483730c70b7322ac81599b04ca335f
45f97fe226248734aff54d561f1d6ac471aef2c1348cc421f1fb3bea21b9b45a
461849280f7111861aea95ecd5990e3ed73966bddbdc5d2e5f55058eaac7693a
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
4995efa69f4ecbfe4a7187e5acdb2a1131610b2b1d1f7375f05725366e4db51a
4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
514e7290606e221930c562ddacfefc9d20edc99a7d8be0fa2ff1e63c181c89e6
51deaa90088d013d49b55a0642d2fa337a936b9526cea4d37ab5d8d00715cbfc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5680a747dd348b317409133b28002a66541c5c2df480a13129921ecf91ce8eaa
57b9b383ca541aa1ad22af3dcc8f094ff58a3baa8a20f180883132ee57a29e67
59a04622f5e99182b3c574ab7dcd71ec7584783ed2cbf05d437e72080a261105
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e6484ac287eb91583ab3cbc451e9c0f94e01fab04584c7d78527afc48a07a72
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
6129f529e83bcadb6684660b2ebd6d61ae7e6aaa8269d353bc55f90f96f912b1
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
66fab282a68497eef53dc56860657890e81b9241329eed9949fdf10c7f6f2cd1
67cdd901973b2bbb41b4380c7133c228f79ed79c6946909fcd7dfa15aa97a7df
68fb0bd2ca7e319ed2dbb4150b02fd2b83e17a79fe7df918a6c4f854ac7849c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ccff43906b2881351992cf7f710487e65c875f97d43b2b597e8da4987350f
6ee1d727cb89b739a9ed11ffaac0cf86f49c719749320168b04e9e29695e3077
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
76999e50e7bd72e8fc1cc357c256f6b9d6b086c6cf695e05b2cf053dd0f4e43b
7866f2b0f417c5a98d4ed52128a7fa6fee53459369de1d01425fbfce6085ea30
791360d716edd0409f5b265c5cdc56ea0bc90d20bde697cbaf2e75d100f019d0
7bbc3068f2bde3ba4f55bc8a2e25fde7f1b474dacfd1aa3f94da90ddb97430f2
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cb41abe564f4c2e7041555bcda98b601cd042674be75457b43f1e3f7b7c6ee
863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b708a36f9e96f299cdce90a1db49298d24d13869e3fd22a3069ad75493b40ab
8baa2cde580e6619426c5927fc76c331128c85a63c1e963e640ed91634d852e1
8c21ed5650bb6d2d9903dd124ddd00db53a2affd46c7b25c0b0e647354c45f25
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea8d160a6b41fde86bbfe2d59eea827cb4ad906e7f79ef0b21424e9198af20b
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
906f174d1d18086a12d675727a472fd2f38f65c0927a06b03e341597a5d1c712
913bfa963cbf7fc6e19616fc9984ff6677f396db3fea718ce992e160500ff352
93a6229364ea99750402bd241d0b6e0db233d09a606bdc3a05d12eaca5b538ea
94fdb407d85f90c0bf28ef21bd4d53bd093ef952b79964f62bbe1d6e3b951a57
96ca183f6f61ba1172aa8c6c5a1810520190f2784082319e4ba42dea34b6816c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a25cd45168fd56ffcfab5d6c921dc2b95e3a72a7e6e3daa1d1c8674f2e0d347
9b75103503b2ac30ec63629a89a3a1ee2c0869885264571e65dda0b8027ef518
a0239156cced369fa88bffe603a2704df3ad45a4892cf1d1d38410c25105a0f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a92172228ddbf8eb8604041a3d9c5aebe7ff2d119e2b03f528ac7233a27d9616
a991cef8e1b302989f94dad4a0e23a70dd561b60d2b41f58ed87228f0051f9c5
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39c6e444a38b840877af6f782c78b9514daf617276b9473f2be596f8c577b1a
b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208
b54e80a2760bde6237fd579eab294deec23c2b29f14c4d224a59d8bd76596d39
b8ec1cc9eefba4a54562f24cd80121e505c0c7f36c4e86ed48236c5b86c9c1cf
ba534550e7ceb834f039c701a05dded737adcf4f94d739eccf91cb7f1320b817
ba65174b577133238354425f1603df8047b007d5ccf3bf7c88521797470d30b5
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c11d76af0384d0476ac0313b6e8a297056302f531fb2232745f6920c011194f5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c46b0f3202b6ed3de261c7db6330ada35ebe706b9aa54266fbb843a727bbd0b2
c4a6887ed310b7fb8a19f82874db30a5c171cd61ec27f90b4d2acc9f89b44098
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
ca7306a00c6467f9ab2f18f7c685197edf36a9840d88cee4c09788cb72494159
cae5d11c6e8d98a6c941ae3d65fa87efba11f9f61d517f01766729a549177bcb
cb3747b110e25355e36a9f00bb35550868c4da1f9591eb1d3c882c659b1240ba
cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
cd80769987004bef5ee6abdff85e6dc290fa7184bb774d4412887d42b29f6489
cdd4b204ea90fde8ddc1180f81080b3170f039b8575f0a1d7b53966c9aa5c1da
cde90dddfcc5ac63a77f89801cc5acf872367a7afcc13653b2e2512943929212
ce8b9718d88d74d6f539ebdb4f72470461f941693421e6da6a205b422808523f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08dd909585b451a026b3d16789e8a1927f218ab366c90e9e88f023a4c3034ee
d14db3f5c46c69f8c440d7678247e477126dd4e644b325f1726f5802b38bca1f
d1dff4a3052a6122f122d5bc847b216ede422889e551f1e1d933f227fd1c15f8
d3f0943b8b3600038e85e763a9be71b05f12a1c0a686a8a1cccf03a246c3b60b
d47ea497ed40ad6af2e33fa01b0ffcaf3a9eb67170b821194ae8380ba61152c1
d556b6b9ab282856cf02c22b25cd730f9418d3f4eb69150c2e17a73ded783418
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d703212e12ffcc70403adaae7d72eae71928d44d1b6bf73575b3d455c1a6bb3c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da34a8cf4a72f0722632afcec89812e5bf2ecfe7bba0b2c220ca23b463478d9f
dd204c80f3fc250dda88118ac68d7be7e80637d98126d7e0ecf75e95bd1dfb6b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df16a417e36dda6d4c975cd990c6a95f45e84e9913a9253105cb632fad23085e
dfbeafc468e94c41fd4b2221847ddc2a2470259766e45dd60f1a277a901e4ce1
dfce06b1e3b8fc00766b53e499f497a39359d084f92ad0b9039aa6a93b5e13cf
e39afaa4a65cdc7a9ace563eb2bb346ef4a9877dffb539a6dd1753d5f594584b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e638165637f01eb5868748cb0ddf22d984529ff9438ef9a4a95e0a2e66d2150e
e6533978ddf6d9eadec6481e1f56d8b62d731f809de8ad47ad02b98120811055
e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1
eae4c9c0fe2d17e96b8e88ef29eff61009d1950c52cead38c26cd828945c50a9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f171731dbecb4b7a61e855714eb96670305c38e1324b5b1b522887559a08ccfd
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f62224bc4b476b2c7068e831792b147d64aa118da787e148e9717fc8dad5d121
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f76be8aeae1d8dfd158c47335ed63dc38df393e4e4d0d227bb94962cdbabbede
fb1650c8ffaae50b1049c7624359c3c116ec9361837a536aae4d98034974dabd

www.kold.com Open in urlscan Pro 2a02:26f0:3500:12::1730:178a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

274 Requests

94 %HTTPS

49 %IPv6

55 Domains

84 Subdomains

72 IPs

9 Countries

4977 kBTransfer

11846 kBSize

42 Cookies

26 Outgoing links

Page URL History

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kold.com Open in urlscan Pro
2a02:26f0:3500:12::1730:178a Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

94 %
HTTPS

49 %
IPv6

55
Domains

84
Subdomains

72
IPs

9
Countries

4977 kB
Transfer

11846 kB
Size

42
Cookies

274 HTTP transactions
11 data transactions