www.kold.com Open in urlscan Pro
2a02:26f0:3500:12::1730:178a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tucsonnewsnow.com/
Effective URL:
https://www.kold.com/
Submission: On September 12 via api (September 12th 2022, 4:32:53 pm UTC) from US — Scanned from DE

Summary HTTP 334 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 78 IPs in 10 countries across 57 domains to perform 334 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:178a, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.kold.com. The Cisco Umbrella rank of the primary domain is 351306.
TLS certificate: Issued by R3 on August 19th 2022. Valid for: 3 months.

This is the only time www.kold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2a02:26f0:350... 2a02:26f0:3500:12::1730:178a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a02:26f0:64:... 2a02:26f0:64::214:84a7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:800... 2a04:4e42:800::282	54113 (FASTLY) (FASTLY)
2	52.222.214.127 52.222.214.127	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:cc00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:d56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.36.162.26 23.36.162.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.73.204.82 52.73.204.82	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1901:0:3... 2600:1901:0:3b3e::1	15169 (GOOGLE) (GOOGLE)
5	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
10	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:ea:... 2a02:26f0:ea:4ba::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	52.217.72.206 52.217.72.206	16509 (AMAZON-02) (AMAZON-02)
1	54.208.44.81 54.208.44.81	14618 (AMAZON-AES) (AMAZON-AES)
3	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223f:f800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2400:52e0:1e0... 2400:52e0:1e00::864:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700:303... 2606:4700:3033::6815:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::863:1	200325 (BUNNYCDN) (BUNNYCDN)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	198.47.127.22 198.47.127.22	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 21	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
5 27	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:c... 2600:1901:0:ccb0::1	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:594::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7 12	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 8	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2	18.194.190.42 18.194.190.42	16509 (AMAZON-02) (AMAZON-02)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	72.251.241.204 72.251.241.204	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a05:d018:d29... 2a05:d018:d29:3602:330c:6850:f997:69b7	16509 (AMAZON-02) (AMAZON-02)
2 3	92.123.21.100 92.123.21.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.146.231.30 54.146.231.30	14618 (AMAZON-AES) (AMAZON-AES)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	34.96.71.22 34.96.71.22	15169 (GOOGLE) (GOOGLE)
1 2	34.236.72.34 34.236.72.34	14618 (AMAZON-AES) (AMAZON-AES)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	34.249.7.180 34.249.7.180	16509 (AMAZON-02) (AMAZON-02)
1	35.164.244.115 35.164.244.115	16509 (AMAZON-02) (AMAZON-02)
1 2	95.101.27.37 95.101.27.37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:11a... 2a02:26f0:11a::6867:4853	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
334	78

9 2a02:26f0:3500:12::1730:178a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.tucsonnewsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:64::214:84a7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-kold-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-127.fra56.r.cloudfront.net

www.burst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:cc00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-26.deploy.static.akamaitechnologies.com

webpubcontent.raycommedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.73.204.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-204-82.compute-1.amazonaws.com

www.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:3b3e::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ea:4ba::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd311.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.72.206 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.44.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-44-81.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:f800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::864:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

staticcdn.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::863:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdnmetv.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.89.210.180 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.18.19.126 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:ccb0::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

operationchicken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:594::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.46.128.147 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.190.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-190-42.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:330c:6850:f997:69b7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.21.100 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-100.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.231.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-231-30.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.72.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-72-34.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.7.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-7-180.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.244.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-244-115.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.27.37 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-37.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4853 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174 pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	760 KB
45	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 ad.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	335 KB
31	casalemedia.com 9 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 755 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709 r.casalemedia.com — Cisco Umbrella Rank: 1020 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	22 KB
25	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 329 acdn.adnxs.com — Cisco Umbrella Rank: 876	84 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	390 KB
18	arcpublishing.com gray-kold-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 563650	735 KB
17	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 713 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702 image6.pubmatic.com — Cisco Umbrella Rank: 891 t.pubmatic.com — Cisco Umbrella Rank: 5050	152 KB
14	piano.io api-esp.piano.io — Cisco Umbrella Rank: 16042	114 KB
13	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1042 trc.taboola.com — Cisco Umbrella Rank: 918 images.taboola.com — Cisco Umbrella Rank: 1875 sync.taboola.com — Cisco Umbrella Rank: 1545 pips.taboola.com — Cisco Umbrella Rank: 397303 cds.taboola.com — Cisco Umbrella Rank: 2547	210 KB
9	metv.com www.metv.com — Cisco Umbrella Rank: 113391 staticcdn.metv.com — Cisco Umbrella Rank: 197940 cdnmetv.metv.com — Cisco Umbrella Rank: 160887	186 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 415	5 KB
8	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 942 cdn.indexww.com — Cisco Umbrella Rank: 2169	8 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	1 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	79 KB
8	kold.com www.kold.com — Cisco Umbrella Rank: 351306	621 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	307 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 486	1 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2793 kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2799 fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net	1 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120	36 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	217 KB
3	gstatic.com fonts.gstatic.com	46 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1924	1 KB
3	simpli.fi 1 redirects tag.simpli.fi — Cisco Umbrella Rank: 7108 um.simpli.fi — Cisco Umbrella Rank: 1468	1 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 223	3 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1628 mab.chartbeat.com — Cisco Umbrella Rank: 3129	25 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	102 KB
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 6166	563 B
2	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772 ups.analytics.yahoo.com — Cisco Umbrella Rank: 419	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 420	440 B
2	operationchicken.com operationchicken.com — Cisco Umbrella Rank: 35796	723 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5202 www.google.de — Cisco Umbrella Rank: 3469	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	78 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1818 c.go-mpulse.net — Cisco Umbrella Rank: 733	51 KB
2	reconditerespect.com reconditerespect.com — Cisco Umbrella Rank: 44152	33 KB
2	queryly.com www.queryly.com — Cisco Umbrella Rank: 16338	9 KB
2	burst.com www.burst.com — Cisco Umbrella Rank: 58188	13 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 4174	212 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2151	335 B
1	akstat.io 684dd311.akstat.io — Cisco Umbrella Rank: 62829	200 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 6405	420 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 1128	263 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 2164	35 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1268	425 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 2381	408 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 6550	269 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 3248
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2435	637 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	16 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 791	466 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 976	29 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1356	201 B
1	amazonaws.com s3.amazonaws.com	561 B
1	raycommedia.com webpubcontent.raycommedia.com — Cisco Umbrella Rank: 225829	749 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 2107	417 B
1	tucsonnewsnow.com 1 redirects www.tucsonnewsnow.com	328 B
0	rlcdn.com Failed api.rlcdn.com Failed
334	57

	Domain	Requested by
35	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.kold.com 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com tpc.googlesyndication.com
21	ib.adnxs.com	5 redirects ads.pubmatic.com acdn.adnxs.com googleads.g.doubleclick.net
20	s0.2mdn.net	www.kold.com s0.2mdn.net
20	securepubads.g.doubleclick.net	www.kold.com securepubads.g.doubleclick.net www.googletagservices.com 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
18	gray-kold-prod.cdn.arcpublishing.com	www.kold.com gray-kold-prod.cdn.arcpublishing.com
16	dsum-sec.casalemedia.com	5 redirects r.casalemedia.com googleads.g.doubleclick.net um2.eqads.com
16	pagead2.googlesyndication.com	www.kold.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
14	api-esp.piano.io	www.kold.com code.jquery.com api-esp.piano.io
12	cm.g.doubleclick.net	7 redirects r.casalemedia.com googleads.g.doubleclick.net
8	s.amazon-adsystem.com	4 redirects r.casalemedia.com
8	www.kold.com	www.kold.com
7	t.pubmatic.com	ads.pubmatic.com
7	googleads.g.doubleclick.net	www.googleadservices.com www.kold.com 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
7	www.google.com	2 redirects securepubads.g.doubleclick.net www.kold.com 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com tpc.googlesyndication.com
7	www.googletagservices.com	securepubads.g.doubleclick.net www.kold.com 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
7	htlb.casalemedia.com	ads.pubmatic.com
7	www.google-analytics.com	www.googletagmanager.com www.metv.com www.google-analytics.com api-esp.piano.io
6	cdn.taboola.com	www.kold.com cdn.taboola.com
5	match.adsrvr.org	r.casalemedia.com ads.pubmatic.com
5	47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	ads.pubmatic.com	www.kold.com ads.pubmatic.com
4	cdn.indexww.com	r.casalemedia.com
4	r.casalemedia.com	js-sec.indexww.com
4	ssum-sec.casalemedia.com	4 redirects
4	acdn.adnxs.com	ads.pubmatic.com
4	js-sec.indexww.com	ads.pubmatic.com
4	hbopenbid.pubmatic.com	ads.pubmatic.com
4	cdnmetv.metv.com	www.metv.com
4	www.googletagmanager.com	www.kold.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	tpc.googlesyndication.com client
3	px.owneriq.net	2 redirects r.casalemedia.com
3	trc.taboola.com	cdn.taboola.com
3	sb.scorecardresearch.com	cdn.taboola.com www.kold.com
3	www.metv.com	www.kold.com
3	cdnjs.cloudflare.com	www.kold.com cdnjs.cloudflare.com
2	googleads4.g.doubleclick.net	www.kold.com
2	um2.eqads.com	1 redirects r.casalemedia.com
2	um.simpli.fi	1 redirects r.casalemedia.com
2	x.bidswitch.net	r.casalemedia.com
2	ad.doubleclick.net	1 redirects www.kold.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	operationchicken.com	reconditerespect.com
2	use.fontawesome.com	www.metv.com use.fontawesome.com
2	staticcdn.metv.com	www.metv.com
2	mug.criteo.com	www.kold.com
2	gum.criteo.com	1 redirects
2	reconditerespect.com	www.kold.com
2	www.queryly.com	www.kold.com
2	static.chartbeat.com	www.kold.com
2	www.burst.com	www.kold.com www.burst.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	id.sharedid.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	684dd311.akstat.io	s.go-mpulse.net
1	s.company-target.com	1 redirects
1	bttrack.com	r.casalemedia.com
1	ups.analytics.yahoo.com	r.casalemedia.com
1	rtb.adentifi.com	r.casalemedia.com
1	pr-bh.ybp.yahoo.com	r.casalemedia.com
1	sync.taboola.com	r.casalemedia.com
1	ad.turn.com	1 redirects
1	cm.adgrx.com	r.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	ad4m.at	r.casalemedia.com
1	ums.acuityplatform.com	1 redirects
1	c.go-mpulse.net	s.go-mpulse.net
1	www.google.de	www.kold.com
1	image6.pubmatic.com	ads.pubmatic.com
1	images.taboola.com	www.kold.com
1	tag.simpli.fi	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ajax.googleapis.com	www.metv.com
1	static.adsafeprotected.com	reconditerespect.com
1	mab.chartbeat.com	static.chartbeat.com
1	code.jquery.com	api-esp.piano.io
1	ping.chartbeat.net	www.kold.com
1	s3.amazonaws.com	www.kold.com
1	s.go-mpulse.net	www.kold.com
1	webpubcontent.raycommedia.com	www.kold.com
1	polyfill.io	www.kold.com
1	www.tucsonnewsnow.com	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
334	91

This site contains links to these domains. Also see Links.

Domain
grow.withgray.tv
www.graytvlocal.com
www.theazweekend.com
www.tep.com
www.fox.com
www.mynetworktv.com
www.cbs.com
recruiting.ultipro.com
www.circleallaccess.com
www.investigatetv.com
www.graydc.com
www.vuit.com
www.facebook.com
www.twitter.com
ad.doubleclick.net
popup.taboola.com
publicfiles.fcc.gov
webpubcontent.gray.tv
www.queryly.com

Subject Issuer	Validity	Valid
gray3.web.arc-cdn.net R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2021-11-29` - `2022-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
burst.com Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
star2.arcpublishing.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
metv.com Amazon	`2022-06-18` - `2023-07-17`	a year	crt.sh
reconditerespect.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
staticcdn.metv.com R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
cdnmetv.metv.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
operationchicken.com R3	`2022-09-07` - `2022-12-06`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-24` - `2023-02-15`	6 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
um3.eqads.com Amazon	`2022-06-11` - `2023-07-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://www.kold.com/
Frame ID: CA1DF15A09F8763C3CB04B7095091F80
Requests: 142 HTTP requests in this frame

Frame: https://www.metv.com/affiliatedwidget?market=71
Frame ID: 97512A3C2F86267222DAF32FFFD01E3E
Requests: 1 HTTP requests in this frame

Frame: https://www.metv.com/affiliatedwidget?market=71
Frame ID: 9C3509B09CC8C335F35AA64666D59D19
Requests: 11 HTTP requests in this frame

Frame: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3FAC6AB5854BBD73498A3656C4F5F775
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EE9BD07566F257146766108DDE64E981
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F62B034C6633F67D734CA1CC6418193
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CF23B40D51592F4CDADD37BD1E25C58A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3547D075CDE28651CD640D15EDA96256
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F392C53043BF8EA89774AC99C8CCF952
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 032151696A614F025FB2D006668BC92B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 93302D85F1F278D8F2644EBF823E0232
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 213F4ABACD7D04F7E6FB475D2918B8CD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: E819E16E4A152B471C29042E935B8F41
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 24A7782559514539152BED88B4D5A886
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 85C6486657A25EBBF01503F3F6E929AC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: F6C3E7F0B0D50BB7996298638B931F93
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqowbX3F0M5i9I5gmxibmhjiIW0JFOxjmR0HcjuT7bX90Kz5fOIiVjdo8LTkYDK6xNRtxBQDQSWhoYiWCPzf1xmKb6nDrT2LI5vV0gDC74zcEtOi71FszIzG5VR1-cj81RZoGg5pWFnH6yo5NnxpkT2gmiYkLa-3ATaQk1wa1Wdcgs64DBFvaF4D5ypUXF3W_fIzRfnnf-pAn_bUSEQxF89Un01j1r_0erb_GertQqiOVnOg9R-Xnng9Og1b9dLUni7qo-hHwzgC5X_s0scSsnNN6TJvXCF41g-85CfqPywcdWmWtgr1zy9563ijAQsKkcE8U&sai=AMfl-YR34cApM4a2aLxA6BVx__QQrxdI8KJl-8zDeM3QmlANdsTxJP6hxk01LjDTTsPATnhot_-DQ573oATA9ZfXTttLVct8qOxEYJYxsJ616uSnRzLkHmeyD5ekpyUX0SReEw&sig=Cg0ArKJSzMFqN-SBuZKGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AB89836883BC6B5CDC08D8B533293F0C
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4Im6MnbRzh2SW5AcbZPow4iBSJcT63Ztj-HrasLix3FztW_Q7DpeIvytRPJ6u4iST7VsefLs4Ox8uVlX_BgC3nCre_HLr9Ot5JvGB0oqAp2mKnzaup0JBDdhXnH7SpvM2d-nqyNU33nJZ6xqMEAshvkDfTjxb-3GK4mZVrH03iMv7bcQ4MyXDXRtx_THaZl4xwmy0_j2BtZ5ot_XzOY_7oBUlLUPQ9iPLjZ33sbw3AoA6mYwO4Rfamr8WeNJxkW5YTM3g3ZBRyzKzg9QyEF7d9HL_bcKe6eiEBNk58rMkYUew2YffBjZSgZF9XiyIHa-HZRa3sSl8JfXs3ptcPZGaWmR7vWoMvBu8tVzmqYyuO4IjLTFFIynNET8&sai=AMfl-YQfRUtmG2VHB8Jqq_FmikfJZLSGKFQfYikqMa_ObcjjJ7KZqr88dsJMDiRk0pXhX2ndxwUjGwsohIIaA-_1sqlocuqK31pZQuK9-lymzmw_nVVjdl0k_cXo75XHX9E&sig=Cg0ArKJSzEdqyvmApgsvEAE&uach_m=[UACH]&adurl=
Frame ID: 94AE1B8A2975B9495C547C804235A8CB
Requests: 8 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: BDF9DC2B9EDE65A9256F9E233A6444A3
Requests: 9 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E45C2C156BD957EF8303D449A7B63C48
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: CF31D66A336B87F24F58669FE4AB8BE1
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 9173B500175C849B23A1486B6B69C991
Requests: 10 HTTP requests in this frame

Frame: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D052BF04FC1B2257FCF07A951487A2B5
Requests: 1 HTTP requests in this frame

Frame: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F48566AC9E321A4E956674B2C627111
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVwV7ebWEeygE9Wa7D2WDwgiAeW1IETkGE0x7nM7dd-fRcOxs7fWrc-ytkuooco8fx4OLobnwE4yIy9R06YJTfgGEfJSO_DvGRvU2HNZuPbV-EkAWi215Kg6x4QEpCfuATa7Rn0gFCWyMY-dRSCtApe0WW05O39IbgMo0r_e4xHZlo_D_g
Frame ID: BEF2B6AA17DD372755E4E6984F3B88B7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaXHYslpXOBpw_2CGPCxEhAMWm4qUX-FshjBuBoiFdmKMKB6KqoSC8PMW0r--FHO8xBCQrf82BWY-8r3tZwY1DAUduCg&cry=1&dbm_d=AKAmf-BCpu8clyTEZwQptO1oDY-7zmXsGw8_N1NF-ObcvPKtLKxso2kELQTGvnfNBGCrEOxpQSwTMvWAMo50ktxB6mrkEJwjDaEm1VW-5j72wzEadyojfxdxJfWtO2xWvuFFoISfNVXTxoFf93bqQtJttWorv-dI4RnmCvXFm6EWTI_10lJKWFlln8iQLXXkRjuXnXZ-VV1jLHmzEMnIhhcuFM5SARL_e76nzXbgdBvYkAsmhVR4hrsgL9zPcYb7QSO3MsDzIgiLca87Svsqw14HP8f0TfAbpC_gLtY5NZ82PpstP6DkEXgghiDJSIaBU2hIuSa_JEqEeu9xOc2Tn5A-4cbUB0MhHA_T8VWM9P-djpsORQBYM2Ecwyy5D96Rh8Pc7kywy1UBffgDHQdHO2f_pd03HbvMQP3CkbPeCrxGJzjT-P58iW0wlfbelCyLspwjgsYrlBs607LGKL4BZfKvmseiBG4USDVvj9yPnvW5zYXodZ7cXVnIqk_J4_sBr09QVAPDT6-9iSyiWUQEztBS_FJTIs9LkMIeVJI6rS4Idb-0Mrjt3ICJMamac2Z9iotm6QQOFaqZbZYPDzofxad8xcCT6xBvcQ-bcUj1MTuJnQWAvWxCOqMA02yJaceSMUzVk5fdG1LLB9khZjfAKLST4TIU-3AiRlbEnJ8gKRfgwZi4Zn9VSMF-4NCL_6Ov2rdstSIm4dyk9Sqa9aWA2_h5JZXX-26wF8AdQGWifTzL_A53t4EaVgRlBwSplhRQyTqjzlkntCPnJVhiB7HJKpAbMHOCL2PzQoEyo8FSBLuTs2UCjE-kstbCBKB_zfEA3imsc8MLzT0t4cjDr5JAD2dSHIm_irmfe8w4M53L-djpg94byPzSGD8gnlxCwMVcwBAobPn46chb5bxv_rnZYLEjkOzIuwT4WkoT0dDjZyVtHEbxJ2GkLEBQR6FBJpoOKzgPja0IpCq7u1FXwLcklKsMtuOatQgV_js3xpdVcm-wyF9jv10Z-ThIslj0eHETTUNT1dS_sb70yrCE82ibGuUo44j699RUOlmW7E2QWqQF1SlvFG3m4YjiGzPoLti0Fysf8kL5c_DwqcZo636QMHuEHkxRm5kCifvJ2WQErRNGFwtBP2KjgfpyjFmHWXBt0aDV-Qd4otLGIJBwSMh_10_Dt_XvCJ7B_QQrdPMVmyc7ZsDsSVFpL0ohpKXw365UYoO3WSACAEs_udTXX2v_v3L_owLwtu8edIqscRJs4FzF6Xxh3ADCfRsRXTugCEdFx0sJ5RJqppU1mpUbQiBvfu_lw8LZLk_hOjCYGBPZqd34U81F5KJWI_X545qx5IyTzLFXsww4lxm403uDLn2Bcn5hpCDfbuiSuCmPj9D4XaW2t5TnnPoAu49-4lBBAkOH4EH9oWlJgAMmPKE1J1GUmx7R8OcbFAYL66wUzH4PJYva1osvFhmhqFLABbdLbUyE9yWB2-GOevglcG6cxmPjUT0ZbP6Y0cM1IDGhCpjAe43kugLCXuoDNDj8b_9kr0d52KNcg4ttIcDAqsW6MrlfOk2tRFxEZ4JFfJA3LWRL4cc-zJ1TAXE6VMyhNIve6UX76k6_7UdeDRzRvJmc2q-tF1ckUbDZKZtzB-O0cqB6gVWVLvJoY4y_IRgJerYT6KVoaYPJjHPk6ATlNS9jjQ80LJzUfPMKlynGqXoUeaaK40g65zUsJoObOBBdijAgeWKSHTT6otyuBSwuI0wZQu2f6LrDEQjzCRxdC6R4d_KEfvOe05osBR7cqtE4W3VRJ7IG2H5j9o9y4uWmEoUis9eUlkZzoxP1tRCxCTkFhoyHZvsnHm5rh_GbszzrLbZOeEYlHBgx1VDYMbJLua-5PXq6hjD7WNq_SUslvE_IaYVarUuQZWDhbpF4-5EdK8Init7ZASZ_s18HpeZbYE_dMFsxqIFS7jsW10biZyjTgB3Mz9PatIwu-vuO-u1wJCjl6sx5Hx898QXs8GDZNzrIEWBQ3cGl1C0UUPBx9_l0ywdONgYfEZA9wrTAPNseN7Bh-UisIt1w6YeDwJxqh1WgLyzugyO52pTyRBAVr7WtiTFvI09ZYBoLs8HafzJgA7kdCqg-1iM_e3l1_WJiR7CgNFYo8g9c94RsTN4_p0MXmWw5YnE6Ks8uyy28ssxLSY185FUx3Om-jo2Ccc-_dnUxYLFyq8REHa6L7YVVLoaK8HX9bl8NKvD79pk4Mn5CyabfXDIVjUHZLFJjiSbuc-1kFyCuCrRYNi5jPLLrbzhfPvFqXid86FFQEFVc0QsCU2YZLI5pg5V4StH9cWjXkhK-Qmp8Q68ORfpc5T1CRkYVW9NYj-GHnf6j2q_l55c0QHBQN_CgXrKhpNGsrnHAFQ2f9g_R_fboKc1oGlZYCYeZiWP3bLvG6-4c7ssMsrzSsswjuLgUeL8tlnO2IxGYfyMBmBunxroQiXzqXK1oUU7bhzymXOEazChKa9v9bzDA25o9Yvh5YP1d4Hj7BZbOKyUG5g7sSnJwQy_QX6S5EJjzTjN8UlHqwgzjo4zaDYQ-m3gdZObTn5j44EMT_iBXxMfQe-VqfPppdMAi1LUNvVsbNQ6GqpHCYJB7YHJmjApopzoNsWMTjGalJs39BynIamgJzvMUgNwZnc48S3vzdsTFeYgrbsi3192GxV3Py7AOq7e4VJpvW9QGg2_pL1etMyovLpP6-COgZt0I8IXVHaIunfCkXfGINatKcx1veMU4oXKWRTauF7XUtEzkjBh5eFKXgk3A2pPe0U4KheEJUf6BCkeXxoUhnUIk4ujNG3M2kIztdBloXGbdas3qXT8y3hL3qHEuvPZv2tNeezTFsMtPDM8DDpmnJuFgVSaMfHN2Q8Kw-BlUYNl2Po6pSF9EwiE_6T9u7zq9aYIajDHHpixocmZhZtcT5qiJL1BBxgwK_5NLLE-31IE8gO_VKkAmBZTZHxjeC3097WRNa5P67w0aNI2i5ML4WkgMQ72k9UQgst5_Y3e_zxYDCYT0o26sXfgjdNt_3ZUnY8Fk59nTS6JnhGnY6EPVE7BMgh6BBDneSWsikBYVdYuP0sp6ec-J69ZCH0OdrlreDjtvPPx_m8HhAmOw602CBEPGCgFqXAKmQC__wC6B9Qjlr07GYauSTR6myHJykZjh2PLNgEiF6MlXgEpIMW4G4_0W1_P_BBaTnNYxfTU2u8khxPnqFvAxewFHyPCgSmtfHMwsWtu4Has8PoIALPCvOi7vhI3UQbpSDMyeaPxWTwZbd2pGLXoB9EvTfJfqzie9WHER7cF-rLLiPYzWynXhPkGVev7SqB8EjspkM6znfncHjXlqCn_M12-ep_l5FJL6dKY0P34ycJJk9SlZ_MVFEFYnGGiE0CQ&cid=CAQSLgCsnQUxr2OGDgEmClDBPpEc5ehYBFw__36PiRRzBp8xWJY0KXceTx2dOefgBeg&rfl=2%2Chttps%253A%252F%252Fwww.kold.com%252F%240
Frame ID: 158CC3FBCBC9C61CEEF82CCD0BE2B368
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=k6MR8w3ZCT&t=1&renderingType=2
Frame ID: 75E7BD1495EB86D51DB7E19FEADB112C
Requests: 8 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 12E72A06530060D05CFE9FF8DF41C6B2
Requests: 2 HTTP requests in this frame

Frame: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3DC49CC7853E3C2D9A82C54D632CC609
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Frame ID: AE7EC93E67F4ADBE0EFEA127F64BB77A
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html
Frame ID: 321519031EB001C39BC954B5D109C3ED
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EAC0CDC241D19958D8E2DE116BC91692
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 54784A9094A4356B5F7249BB01FABE8B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvimzhLtnvd7Xqy_Ot6fF1V99q8CaIpOAnJD-LJzWVVx3jmBcEuI2-5mBj4uFVHk8OnWiydYAE1g_9E3edEbzIzOS2hcaMLQw78OBAVvWmTFUHJ1irE6dwY9PZ5554V_MXIgnlxXVrZLcLL1IsLm2xv6MdZjUkxeWCU3Au373ITzYmNNs4vVBo3kWTeff5c4feu9jXhNrWY1r4U9xEqQkAMPXNYYskQYHIsh33u2tve9Q05yyS8EoKf_tPGauA-DPv0kWwhzxpC0L6SsI-2xsWpMK9tUdB_-sqsY5o9b4kyfAfmRrpt_TPNBV0C8_X4FvYTjw&sai=AMfl-YT9qaps_-0GJzrhuKixa-s56WZOynqP0N00a9wm27eausck_5BMRoPTuXTTSayMX6qO74Eo-DRVo0WCygk01DtA5nE1WysGkveQ_zvJ_nJ0ezAwYeeCQMFxys7UIHE&sig=Cg0ArKJSzMrxqrISTRLzEAE&uach_m=[UACH]&adurl=
Frame ID: 69C738AA223B807F3F0C2747BF178742
Requests: 8 HTTP requests in this frame

Frame: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F3152AB4F97145A1520F90C15DFB7DC9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Frame ID: B7A786CE53E772A0A1E4222621C0C0A9
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B2BCA74672C17CEF664DF4AA2015951
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00C08BE699776843728041D186402294
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA94CE4052B915F548AB3442EDB6D2C5
Requests: 2 HTTP requests in this frame

Frame: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
Frame ID: D9E316020428BD0B42A28BB009144E02
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

http://www.tucsonnewsnow.com/ HTTP 301
https://www.kold.com/ Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

334
Requests

92 %
HTTPS

51 %
IPv6

57
Domains

91
Subdomains

78
IPs

10
Countries

5413 kB
Transfer

12737 kB
Size

45
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://grow.withgray.tv/kold/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.graytvlocal.com/market/tucson-az
Title: Business Directory

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/contests/
Title: AZ Weekend Contests

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/?_ga=2.155669310.48765111.1615402160-1550363320.1615402160
Title: AZ Weekend

Search URL Search Domain Scan URL

URL: https://www.tep.com/solar-dashboard/
Title: TEP Solar Dashboard

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/?_ga=2.264183183.281644180.1615824734-1603375000.1615824734
Title: AZ Weekend

Search URL Search Domain Scan URL

URL: https://www.fox.com/
Title: Fox 11

Search URL Search Domain Scan URL

URL: https://www.mynetworktv.com/
Title: My18

Search URL Search Domain Scan URL

URL: https://www.cbs.com/
Title: CBS

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/GRA1017GRYT/JobBoard/ae441110-89bd-444d-8ad2-b76c7b9db7a9/?q=&o=postedDateDesc&w=&wc=&we=&wpst=&f4=vzauRM0vSl6VVVh-Ke14nw
Title: KOLD Jobs

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.vuit.com/publishers/297/kold/vod
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KOLDNews

Search URL Search Domain Scan URL

URL: https://www.twitter.com/KOLDNews

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N1355190.2621703TABOOLAEUROPELTD/B26996758.345480460;dc_trk_aid=537205216;dc_trk_cid=177467948;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?tblci=GiDnUwFoWHLSvr0pCTSAdXbYdPRDFvl9PEqvNe8CTT4CLSC68FUostSdo_OooaeZAQ#tblciGiDnUwFoWHLSvr0pCTSAdXbYdPRDFvl9PEqvNe8CTT4CLSC68FUostSdo_OooaeZAQ
Title: Siemens Energy

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-koldnews13&utm_medium=referral&utm_content=thumbnails-native:Homepage%20Native%20Backfill:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/KOLD-TV
Title: KOLD Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/0b7fd011-1bff-71f7-4891-3dce78b156ef/36afff89-4d8b-4a1d-aa26-c96af6a0c118.pdf
Title: KOLD EEO Report

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/kmsb
Title: KMSB Public Inspection File

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/kttu
Title: KTTU Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/c1c182b8-10c3-c5e4-8c4f-b15b4997c6d1/7f91ea11-49a0-48fa-a44a-837ea604da03.pdf
Title: KMSB / KTTU EEO Report

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kold-fcc_applications.pdf
Title: KOLD FCC Applications

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kmsb-fcc_applications.pdf
Title: KMSB FCC Applications

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tucsonnewsnow.com/ HTTP 301
https://www.kold.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=K2kLiHx1K1ZrNlQrVjkyVE5pQWZCTVVuZ2dQY1VwWnpuT3h4d3ZUeGZ3cGQ0MkZjRS9lYU1MalpQZk1CenFtSTA2MklwRWF1NGtEazBuNkZLa0VUcFd5T1l4djE0Y3BYVXBlVUw2anN2WVVIU1diajRGT29DNjFZQk51YmJrR2xrZjR0TmNxVDNQODJkMHJaRURteTRJYjZWcHFuUGFISldjZXh3YitxNWw5Q1JSeStKQnM0MDNQL2FiWmhKczQwWTZVRFkxaEFYMFRISTVycXAraWRrRS9HQktPanJCWEF5UXlwa09oUGdoUXFjdEpJPXw&cppv=2

Request Chain 125

https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B26996758.345480460;dc_trk_aid=537205216;dc_trk_cid=177467948;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=kold.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B26996758.345480460;dc_pre=COCP7YzXj_oCFdAz4AodltsKrA;dc_trk_aid=537205216;dc_trk_cid=177467948;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=kold.com

Request Chain 134

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 135

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 137

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 138

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 140

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 142

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 143

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 144

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 168

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJj0GmWx-mBLTzpw5ZQAABKMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJj0GmWx-mBLTzpw5ZQAABKMAAAAB&dcc=t

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

Request Chain 171

https://ums.acuityplatform.com/tum?umid=8 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692427341594

Request Chain 174

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

Request Chain 175

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJkXRXOIBY9c4eYHh0QAABKcAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJkXRXOIBY9c4eYHh0QAABKcAAAIB&dcc=t

Request Chain 179

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d29e4d80-3fdc-43ba-ac09-fa88a765e1fd

Request Chain 181

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 183

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t

Request Chain 185

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

Request Chain 187

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4493630889935331249

Request Chain 190

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162867581395166079&uid=Q7162867581395166079&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 192

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

Request Chain 199

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678638758&external_user_id=b9637b86-0071-4bcf-96f3-edfaa17d7408

Request Chain 201

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1

Request Chain 210

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDYuP5IdVTa0eq4liET3dm8&google_cver=1

Request Chain 212

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyMjU0NTUzOTQxMDk4MDUxMg%3D%3D

Request Chain 254

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 275

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 300

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p4qvrvn00 HTTP 302
https://kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 301

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p4qvrvn00 HTTP 302
https://fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net/eum/results.txt

334 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kold.com/
Redirect Chain

http://www.tucsonnewsnow.com/
https://www.kold.com/

609 KB
85 KB

1110ms
982ms

Document
text/html

2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

072ce4e81ac9a28ba2ce801b147f5088e33425e63d2edc664aa33f1f32787c13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 16:32:35 GMT
etag: W/"972c5-wrZyrvccNbua3dNwTzQh1U+SS+w"
expires: Mon, 12 Sep 2022 16:33:35 GMT
last-modified: Mon, 12 Sep 2022 16:32:35 GMT
link: <https://gray-kold-prod.cdn.arcpublishing.com>;rel="preconnect",<https://www.burst.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://webpubcontent.raycommedia.com>;rel="preconnect",<https://www.metv.com>;rel="preconnect",<https://ads.pubmatic.com>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect" <https://polyfill.io>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://cdnjs.cloudflare.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect"
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=107 origin; dur=861
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 83964 0 pmb=mRUM,2

Redirect headers

Akamai-True-TTL: -1
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 12 Sep 2022 16:32:33 GMT
Expires: Mon, 12 Sep 2022 16:32:33 GMT
Location: https://www.kold.com/
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 react.js Show response
www.kold.com/pf/dist/engine/ 709 KB
160 KB 19ms
17ms Script
application/javascript 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/dist/engine/react.js?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cb988e76688015eef050b472600d50ac35a700afc560b0902a31e4213dc4efce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:35 GMT
content-encoding: gzip
etag: W/"f6ac03543f72747d9d850f54e783f2a9"
x-amz-request-id: V1A5C0819CSWQEEH
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 162778
x-amz-id-2: +PLStP4pfHON5D6UNkFgsoxp7ftqY9VRSEzES+5RC3FvPGf8kI1PgkKu6YiMTBhjjp0/1EQyLAc=
last-modified: Fri, 09 Sep 2022 20:38:55 GMT
server: openresty
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:35 GMT

GET
H2 200 default.js Show response
www.kold.com/pf/dist/components/combinations/ 1 MB
274 KB 32ms
30ms Script
application/javascript 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/dist/components/combinations/default.js?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

5cdf78d3cd01099efb31f716affd336f6ec3d0659f80ea7696c28886616bf108

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:35 GMT
content-encoding: gzip
x-amz-request-id: 1FKSTX8JX0SHR0N8
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 279001
x-amz-id-2: oWT0YqCfM8M2cPbdI0V79vXfbEiKEicdC4UTSypFLZsflh6BvFHlyPwavIhgz2S28epxJ0vb29c=
last-modified: Fri, 09 Sep 2022 20:38:54 GMT
server: openresty
etag: W/"959d6155d9289ca04b11edaca58a39fe"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:35 GMT

GET
H2 200 main.css
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 83 KB
14 KB 132ms
29ms Stylesheet
text/css 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:35 GMT
content-encoding: gzip
x-amz-request-id: BX4R5JZ3S3516C75
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=20
content-length: 14217
x-amz-id-2: XnVBGdU7vnHTXEIfdfqJnIwL4UfXsIUzOQ16CeO2vfrxb5pt7gs+XeebOv/B/997r0XXLXxeygo=
last-modified: Fri, 09 Sep 2022 20:38:53 GMT
server: openresty
etag: W/"6dd05f673b04d6bedc7a004ad60ae072"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:35 GMT

GET
H2 200 main.css
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/ 100 KB
16 KB 134ms
31ms Stylesheet
text/css 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9334288efd122436a2e9cfdbdc7d375af435f857491dd361c95e649ed498438f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:35 GMT
content-encoding: gzip
x-amz-request-id: DTYXNJN6JS98X6FE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=103
content-length: 16195
x-amz-id-2: SdSjw3Fmzsg8FanXhoTOvUoCu+B4swULgL8xa4P29k1uciPF9W9v+RflNt7cMuzhTIY8dYp3ggQ=
last-modified: Fri, 09 Sep 2022 20:38:53 GMT
server: openresty
etag: W/"3500935d47fe04b54b224e0dcf817407"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:35 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 61ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 396770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BynRujkLEhfuDgQB0fMRQm7yHfzMDZQzeBfNiQmaY0pvQsL0zHSabJljo7DsrulPDPKCDjESEJ%2BL0BpCnG9WWvaz1jbOCE5GzNDiPknN6b7XXls4fqvQwPwEi7YA%2Fz2G6%2BRHt05Nq09N6N41yZmyCx%2B7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 749a0a3fc8b5bb74-FRA
expires: Sat, 02 Sep 2023 16:32:35 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 886ms
164ms Script
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CObject.fromEntries%2CArray.prototype.entries
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

Referer: https://www.kold.com/
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 11:53:13 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/105.0.0
server-timing: cache-lax10646, PASS, fastly;desc="Edge time";dur=20
accept-ranges: bytes
content-length: 94

GET
H2 200 gtm.js Show response
gray-kold-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
823 B 145ms
42ms Script
application/javascript 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:35 GMT
content-encoding: gzip
x-amz-request-id: V1A9P9ZSMV5HZHFD
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=63
content-length: 305
x-amz-id-2: GBLtcoi88qPjsI4oCvf5tTQ+vy0A6K3cg0+t5kMSpbvMPc9tpENgX7pt1iF2VdBg9uOTh94hUm0=
last-modified: Fri, 09 Sep 2022 20:38:54 GMT
server: openresty
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:35 GMT

GET
H2 200 framework.js Show response
www.burst.com/webapps/embed/ 36 KB
10 KB 61ms
8ms Script
application/javascript 52.222.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.burst.com/webapps/embed/framework.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59a04622f5e99182b3c574ab7dcd71ec7584783ed2cbf05d437e72080a261105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: qC52pvFBiP2wRcTqgSz51JTNd0IA1cWB
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 13:35:38 GMT
server: AmazonS3
age: 6979
etag: W/"71f64b7fce14de5520a87e4b12e0b01e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
cache-control: max-age=10800
date: Mon, 12 Sep 2022 14:36:47 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: PVkisfAIaYrJwQqRa_Q-jJp1ar70ivhKkKzalZekmG9mc9HehK7n8A==

GET
H2 200 comscore.js Show response
www.kold.com/pf/resources/js/analytics/ 168 KB
49 KB 24ms
24ms Script
application/javascript 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/resources/js/analytics/comscore.js?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:35 GMT
content-encoding: gzip
x-amz-request-id: V1A45GX9CK3TF1Z1
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 49862
x-amz-id-2: bpeN54JwfaxDfvm0Hhjb4XhwBvnY/idSrc/86YNxENw7cBo1CB6B7i7GSwf2KyvmqWUak2hBMa8=
last-modified: Fri, 09 Sep 2022 20:38:54 GMT
server: openresty
etag: W/"702fb2c84c6e8b364a6130cb860c7987"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:35 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 82ms
11ms Script
application/x-javascript 2600:9000:223c:cc00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:cc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 14:32:57 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 7179
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: cZAlu3PoFpzp_j1N_QVXVt46qJ5ZKducbVjNHD37rFlx45e81KRlYg==
expires: Mon, 12 Sep 2022 16:32:57 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 81ms
12ms Script
application/x-javascript 2600:9000:223c:cc00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:cc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 15:04:59 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 5257
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: KNtWaU4xUMdzYYdoxzqt63ODtOXZYAFnljbTM6JvzZL8hoMERpx32w==
expires: Mon, 12 Sep 2022 17:04:59 GMT

GET
H2 200 queryly.v4.min.js Show response
www.queryly.com/js/ 26 KB
7 KB 74ms
22ms Script
application/x-javascript 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.min.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
last-modified: Thu, 11 Aug 2022 16:00:33 GMT
server: cloudflare
etag: W/"80a6a27c9badd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Cz0SYzZ0HejGWQ%2FHd1k2r4F%2BvUVpk36JT5vWJdRnjRRoRP85k1QNi8MRMyZS3mzKjvR6uJM5prkMxqJ4ROIc0bm6UbQ%2BY5Vcomr%2B8xj9R6XMT3ncW0vloKOPlB5jNxNzQiFtAldijcSPqjLkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 749a0a45ad6d90c7-FRA
access-control-allow-headers: *

GET
H2 200 ELA7SW7VSVCDXMQJMSHM6GOMQU.JPG
gray-kold-prod.cdn.arcpublishing.com/resizer/67RjnkO2mM4ny2LaaCo6Xic2aTs=/800x600/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 112 KB
112 KB 122ms
117ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/67RjnkO2mM4ny2LaaCo6Xic2aTs=/800x600/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ELA7SW7VSVCDXMQJMSHM6GOMQU.JPG

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8013e69343df8727fdd7eeec1c682c1d4d03f7454562eabfba3f6753714cc4a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
last-modified: Mon, 12 Sep 2022 12:43:06 GMT
server: Akamai Image Manager
etag: "9ae2610812ab1b938673ee1317dec38bae48d738"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31522261
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=101
content-length: 114490
expires: Tue, 12 Sep 2023 12:43:37 GMT

GET
H2 200 AVLXRW7TZBEELLAURE7BZ4FU5E.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/R1vumojeM__egynHTvJNXo68JBw=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 32 KB
32 KB 525ms
521ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/R1vumojeM__egynHTvJNXo68JBw=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/AVLXRW7TZBEELLAURE7BZ4FU5E.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b67f1d3eeb11eb53d6604f5e51e2d71e3a65eb376289158ffac3b2a0e22edc4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
last-modified: Sat, 03 Sep 2022 15:33:52 GMT
server: Akamai Image Manager
etag: "b7341325417301cd655396ecb14bacc0b03182f3"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=30754921
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=499
content-length: 32796
expires: Sun, 03 Sep 2023 15:34:38 GMT

GET
H2 200 H2PFAXP4S5ECVFRQD3CJEYLEJA.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/2sjEDkVHRhyJkt_SxwoGCvJq8qs=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 26 KB
27 KB 395ms
391ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/2sjEDkVHRhyJkt_SxwoGCvJq8qs=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/H2PFAXP4S5ECVFRQD3CJEYLEJA.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

516df38c3d366a652085d82d924ee67035e6055fe0067fe5edc6600d3f68bf66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
x-check-cacheable: YES
x-serial: 896
etag: "46b9d2f9918275fe265dbf3a78628fc26f09cddf"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=30667566
last-modified: Fri, 02 Sep 2022 15:17:22 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=256, origin; dur=103
content-length: 26949
server: Akamai Image Manager
expires: Sat, 02 Sep 2023 15:18:43 GMT

GET
H2 200 5NRUJVGUTZCGTOGSFTPTFY3DOI.JPG
gray-kold-prod.cdn.arcpublishing.com/resizer/VgM-NcUVsjh6b4KWJ5403tesvrU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 21 KB
21 KB 101ms
97ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/VgM-NcUVsjh6b4KWJ5403tesvrU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/5NRUJVGUTZCGTOGSFTPTFY3DOI.JPG

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

da2b1186ad233d62946ccf364963cfa1d5a73766b78fbeeb4134172675f42b03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
last-modified: Mon, 12 Sep 2022 14:58:29 GMT
server: Akamai Image Manager
etag: "e3d2f2f3693888ad62781dcc5a6031a3fe991509"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31530434
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=46
content-length: 21422
expires: Tue, 12 Sep 2023 14:59:50 GMT

GET
H2 200 7Day.jpg
webpubcontent.raycommedia.com/kold/Intellicast/ 746 KB
749 KB 323ms
163ms Image
image/jpeg 23.36.162.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpubcontent.raycommedia.com/kold/Intellicast/7Day.jpg?time=1615579260000
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-26.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6e056e6833fe59dbb9c5d0aea4d101e57d3c6b21faf5a8fbef40222b171dc7a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
last-modified: Mon, 12 Sep 2022 14:29:09 GMT
server: AmazonS3
x-amz-meta-user-agent-id: kold@s-69172a5d8df84f908
x-amz-cf-pop: FRA53-C1
etag: "d1812b9ab14b0741a7edfa0798386519"
x-amz-meta-user-agent: AWSTransfer
content-type: image/jpeg
cache-control: max-age=240
server-timing: edge; dur=2, origin; dur=148, cdn-cache; desc=REVALIDATE
content-length: 763786
x-amz-cf-id: adEhqob4EoKuI2hmEvx0k50GoJUZKAgLgUrqf5dePfVE-wdqfymYkg==
expires: Mon, 12 Sep 2022 16:36:37 GMT

GET
H2 200 t_4879d2383c17451aacec934a22840008_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/P73jw2TUwsBMPg51zTboFKVQ20w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/ 77 KB
77 KB 70ms
67ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/P73jw2TUwsBMPg51zTboFKVQ20w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/t_4879d2383c17451aacec934a22840008_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8b708a36f9e96f299cdce90a1db49298d24d13869e3fd22a3069ad75493b40ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
x-check-cacheable: YES
x-serial: 1448
etag: "4a33211f4b0144a0291def8c8385c21a4629fd50"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31496173
last-modified: Mon, 12 Sep 2022 05:29:11 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=11
content-length: 78455
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 05:28:49 GMT

GET
H2 200 t_75a1a932bebd452199d8e8b2d7509fc1_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/TFtTbaFXch-oh52y_gL5b5oM4E4=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/ 96 KB
97 KB 93ms
90ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/TFtTbaFXch-oh52y_gL5b5oM4E4=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/t_75a1a932bebd452199d8e8b2d7509fc1_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

68fb0bd2ca7e319ed2dbb4150b02fd2b83e17a79fe7df918a6c4f854ac7849c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
last-modified: Mon, 12 Sep 2022 05:24:32 GMT
server: Akamai Image Manager
etag: "0dba58772bae461e57204b8652b8e411681ca627"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31495827
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=3
content-length: 98693
expires: Tue, 12 Sep 2023 05:23:03 GMT

GET
H2 200 t_c72a8a986721450d89a4b1fadc4169e2_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/dFSrlhQG90kETsQZuFgTPHvuM_w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-10-2022/ 72 KB
73 KB 95ms
92ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/dFSrlhQG90kETsQZuFgTPHvuM_w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-10-2022/t_c72a8a986721450d89a4b1fadc4169e2_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cae5d11c6e8d98a6c941ae3d65fa87efba11f9f61d517f01766729a549177bcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
x-check-cacheable: YES
x-serial: 1601
etag: "a2fddffe415aa5cc83a1d14b9c4debc2b12b3254"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31308945
last-modified: Sat, 10 Sep 2022 01:28:37 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=3
content-length: 74034
server: Akamai Image Manager
expires: Sun, 10 Sep 2023 01:28:21 GMT

GET
H2 200 t_f913c326f10543e7adc8a2adbe42428e_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/b4KdbIGThoBKI1oWiBcVYEf9Vgg=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-09-2022/ 50 KB
50 KB 100ms
98ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/b4KdbIGThoBKI1oWiBcVYEf9Vgg=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-09-2022/t_f913c326f10543e7adc8a2adbe42428e_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d08dd909585b451a026b3d16789e8a1927f218ab366c90e9e88f023a4c3034ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
x-check-cacheable: YES
x-serial: 1802
etag: "28fc93541e1dbb2d64ea387dd200f8f30fd02852"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31268065
last-modified: Fri, 09 Sep 2022 14:07:54 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 50734
server: Akamai Image Manager
expires: Sat, 09 Sep 2023 14:07:01 GMT

GET
H2 200 iframeheight.js Show response
www.metv.com/js/ 1 KB
732 B 674ms
95ms Script
application/javascript 52.73.204.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metv.com/js/iframeheight.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.204.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-204-82.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash: e6533978ddf6d9eadec6481e1f56d8b62d731f809de8ad47ad02b98120811055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 19:46:41 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag: "478-5e80774876a40-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, proxy-revalidate
accept-ranges: bytes
content-length: 467

GET
H2 200 v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy Show response
reconditerespect.com/ 92 KB
27 KB 168ms
121ms Script
text/javascript 2600:1901:0:3b3e::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:3b3e::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

4c606fe88509725549422c14c85f7c7a88cb0bbae758564659cbbf4cc69ed9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "f4d7a12a2349e3f64a2d4498ecdd622ea83a42ee1ae25e7e0b19900c4d16b17b"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 12 Sep 2022 16:32:36 GMT
x-buildnumber: 632800667
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2kodJCg0COzr7zPOUkFrKjRkFjZCKvy5nr2EFu7AW1l0PBiDoexvAdzwnV3Xa8MXvvOnCHilrg Show response
reconditerespect.com/ 15 KB
6 KB 164ms
117ms Script
text/javascript 2600:1901:0:3b3e::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2kodJCg0COzr7zPOUkFrKjRkFjZCKvy5nr2EFu7AW1l0PBiDoexvAdzwnV3Xa8MXvvOnCHilrg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:3b3e::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d47ea497ed40ad6af2e33fa01b0ffcaf3a9eb67170b821194ae8380ba61152c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "344639d123c9b3004bd103fc8c43c90579f881a13b00f500c82f7e218eef0586"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 12 Sep 2022 16:32:36 GMT
x-buildnumber: 632800667
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161733/6819/ 424 KB
128 KB 39ms
10ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b54e80a2760bde6237fd579eab294deec23c2b29f14c4d224a59d8bd76596d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 19:59:16 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=86201
accept-ranges: bytes
content-type: application/javascript
content-length: 130020
expires: Tue, 13 Sep 2022 16:29:17 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 90ms
42ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11874
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 19:06:55 GMT
server: cloudflare
etag: W/"1bbec-182eaffe498"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 749a0a45ac219016-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 16:32:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
43 KB 64ms
18ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd1d4d1fb41a767817884d4a6abf5ce992848d6eb6aec4d402589a81d94b8fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43771
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 16:32:36 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/meredith-network/ 579 KB
47 KB 57ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c51a7ad83a8c8e34f5176021e33ba259dd545c9f5477afcbcc745b7581ca7d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: JqZ7ew1t1o7lTJV6efdUTpYfKUXNWM3t
content-encoding: gzip
age: 2345
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 13
content-length: 47990
x-amz-id-2: A/46Twl/T7AHgwrVP7TUF+2qMWK9atIeSusbdl1T5a5ddhtPPPwHVXqHwM2unEEq5vke+O7o28U=
x-served-by: cache-hhn4078-HHN
last-modified: Mon, 12 Sep 2022 15:53:31 UTC
server: nginx
x-timer: S1663000357.742994,VS0,VE2
etag: "3422f8b8b954eed43d53e54a9b994ba86ee79099"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: QW8ZJK07CT06N3V8
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Mon, 12 Sep 2022 16:32:36 GMT
abp: 18
x-cache-hits: 1

GET
H2 200 RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 115ms
21ms Script
application/javascript 2a02:26f0:ea:4ba::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4ba::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: br
last-modified: Sat, 10 Sep 2022 01:18:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 framework.css
www.burst.com/webapps/embed/ 11 KB
3 KB 9ms
8ms Stylesheet
text/css 52.222.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.burst.com/webapps/embed/framework.css
Requested by: Host: www.burst.com
URL: https://www.burst.com/webapps/embed/framework.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Qqt_gEK_RpLzus8u20YU9JYh8awwY0sB
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 13:35:38 GMT
server: AmazonS3
age: 3027
etag: W/"72f8f831414cf37903a38162b0291620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
cache-control: max-age=10800
date: Mon, 12 Sep 2022 15:42:10 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: GLSEou3ZgGpAgBg-w3CJO6NVn_dTFZuBtH5NXmjWQfa-GuaPM6m6lg==

GET
H2 200 affiliatedwidget
www.metv.com/ Frame 9751 0
0 99ms
98ms Document
text/html 52.73.204.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metv.com/affiliatedwidget?market=71

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.204.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-204-82.compute-1.amazonaws.com

Software

Apache/2.4.54 () OpenSSL/1.0.2k-fips /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1979
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 16:32:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=172800
vary: Accept-Encoding

GET
H2 200 kold.jpg
www.kold.com/pf/resources/images/mastheads/backgrounds/ 45 KB
46 KB 24ms
23ms Image
image/jpeg 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/mastheads/backgrounds/kold.jpg?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

339437c6a5c2522973d4eeb5be0ccc1c8c911129ac100f84bf10e26c2efd2486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: W/"70f834011095540e8d85ff255e947fe9"
x-serial: 1788
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31531602
last-modified: Mon, 12 Sep 2022 15:19:10 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=8
content-length: 46158
expires: Tue, 12 Sep 2023 15:19:18 GMT

GET
H2 200 kold.svg
www.kold.com/pf/resources/images/mastheads/logos/ 12 KB
4 KB 29ms
28ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/mastheads/logos/kold.svg?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b39c6e444a38b840877af6f782c78b9514daf617276b9473f2be596f8c577b1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: gzip
x-amz-request-id: 1G8TZR7AEG8JAJJ6
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 3908
x-amz-id-2: w3KMxXgzC2LKShX8SfaNRCTrQridu1bEd+y6z8JftlyD8JGZcWY49LGFgbBtin6aI0TulY4seqe1NGtjLXYU5g==
last-modified: Fri, 09 Sep 2022 20:38:54 GMT
server: openresty
etag: W/"4a91d2a13bd624e7a386b3103266ffc4"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:36 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 53ms
31ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 338599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aM7%2FjqJfrhMnEPstnbHqwBq7sL890dOPt6Ppv3GvEl5Qx%2FLq%2FUD7YH6esMzEYYdzQi6PhEHDWfhT9dUOwT6d3oHvuwsEigFvX9xggYw88XOjqK36cnXuf7%2F6UDIFaJN7rGQDijBDUymPN26ZDfPfLOX5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 749a0a45ad8d5ca4-FRA
expires: Sat, 02 Sep 2023 16:32:36 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 84ms
62ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-33a8"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1J1xjmkqNrNVMBiSPe2fNDlCmdAnonTK7GQ3hTyvOq3TNsepcz6kfitI9nszlKyRkWEt1%2BOxJzMS2pMc%2FrPOTO1QQPzkb9KIl2VC3ndlGyydryk%2F1nedROqoO4Rl22waV75lpdu4L8JLGFJxwEZTaU9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 749a0a45ad885ca4-FRA
expires: Sat, 02 Sep 2023 16:32:36 GMT

GET
H2 200 grayLogoHorizontal.svg
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 31ms
31ms Image
image/svg+xml 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=287

Requested by

Host: gray-kold-prod.cdn.arcpublishing.com
URL: https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=287

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:36 GMT
content-encoding: gzip
x-amz-request-id: 1G8JW4FSKQ89E8H2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=19
content-length: 5010
x-amz-id-2: 5zYviTdgOOWE1IrgrL7PSgd7BGKsnh8WFsRdRQnjBxyM7WIy6hD1fd6uXRrl6UrMpGpA0oATA/E=
last-modified: Fri, 09 Sep 2022 20:38:53 GMT
server: openresty
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:36 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 52ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81e46ec29f04dd5f649c435a146e58114059537a62790af29f621096026671a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28708
x-xss-protection: 0
server: sffe
etag: "1331 / 737 of 1000 / last-modified: 1662980796"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 12 Sep 2022 16:32:37 GMT

GET
H2 200 affiliatedwidget Show response
www.metv.com/ Frame 9C35 6 KB
2 KB 100ms
99ms Document
text/html 52.73.204.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metv.com/affiliatedwidget?market=71

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/engine/react.js?d=287

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.204.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-204-82.compute-1.amazonaws.com

Software

Apache/2.4.54 () OpenSSL/1.0.2k-fips /

Resource Hash

d7bc06dbfec64427b00e9dfb01ee14adde86549b51bf6a9dbe7a9aeabbc5b5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1979
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 16:32:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=172800
vary: Accept-Encoding

GET
H2 200 wx-current-conditions-v3 Show response
www.kold.com/pf/api/v3/content/fetch/ 314 B
550 B 25ms
25ms XHR
application/json 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=kold&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=287

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7d0c7578891a2d68a00573b2846bb28bd29e0448c9f44b1571c423eb347ab79e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 16:32:19 GMT
server: openresty
etag: W/"13a-lyIsBrdYgba+Zk4sDlC6G6r5U0M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=102
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=364
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 183
expires: Mon, 12 Sep 2022 16:34:19 GMT

GET
H/1.1 200
OK KOLD_poll.json Show response
s3.amazonaws.com/grayfilestore-kold/gpollData/ 22 B
561 B 387ms
176ms XHR
binary/octet-stream 52.217.72.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/grayfilestore-kold/gpollData/KOLD_poll.json?rnd=5MPFYKoXDZ8k&arc-site=kold
Requested by: Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=287
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.72.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2d3989504c349c740bf360831b0cb07127fe9683f8c5405e6dc90423c77228aa

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 16:32:38 GMT
Last-Modified: Mon, 21 Jun 2021 20:30:02 GMT
Server: AmazonS3
x-amz-request-id: 3S9Z128WDSZZGP85
ETag: "3b3cd2921e72de25e5dca50ff96c6a78"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Accept-Ranges: bytes
Content-Length: 22
x-amz-id-2: 4lptX26FxdeMUgwK4bhlKfGBJ8m/pUPlK0Ge+VE+Bl03ftG23NCiIpPfWlhByamj+42O1bkzuFE=

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 30ms
30ms Image
image/png 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519937
x-powered-by: ASP.NET
content-length: 816
last-modified: Thu, 11 Jun 2020 23:20:57 GMT
server: cloudflare
etag: "d7046f64640d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuHvmtPmZiFULw0HsetgwE4IBzi8P%2B8NlUqTG94YKvR85WnTeFNP%2Brth9ZfqSfCn562DZw4p7pQfYCN6tw9uaBprW%2FchGFXgBwNauCheNvpJoZcgpbQgSD4g%2FfyOgaogYg%2BdhV1Idb4kToeCyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 749a0a48b86490c7-FRA
access-control-allow-headers: *

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 303ms
96ms Image
image/gif 54.208.44.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kold.com&p=%2F&u=CAi3hhDXi5uSCbVtOT&d=kold.com&g=39189&g0=%2Fhomepage&g1=No%20Author&g4=section&n=1&f=00001&c=0&x=0&m=0&y=5488&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4200&t=CEECkLCxZAPKCqb2ByCF56ZICUGALz&V=136&i=Home&tz=0&sn=1&sv=BAP1LFcp1kDCHFRrVf2z2EDZCefX&sd=1&im=067b2fff&_
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-44-81.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 impl.20220912-34-RELEASE.js Show response
cdn.taboola.com/libtrc/ 682 KB
141 KB 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c23cfc9f0714dc2a044f943226120d3dad076ee293af28f24dd3da9963455aaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: p0VJJifcT9RDN7jqSUhpJBo4J8J5lYPW
content-encoding: br
etag: "77190bda3d8952e43fa38db7fd437d77"
age: 3195
x-cache: HIT
content-length: 144475
x-amz-id-2: AENPU4SQB7LvGiMQ+hw6CRPC4jIrpxKBbqtBFXBFJgY+CTsaBukVK2ozeB/bEjJE+6IOICDRtXw=
x-served-by: cache-hhn4078-HHN
last-modified: Mon, 12 Sep 2022 15:39:05 GMT
server: AmazonS3-br
x-timer: S1663000357.293867,VS0,VE0
date: Mon, 12 Sep 2022 16:32:37 GMT
vary: Accept-Encoding
x-amz-request-id: GWS95SHPSHQP4KZQ
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 7
x-cache-hits: 1423

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 33ms
8ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:29:45 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 43373
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 4Awjh5Vsch3h-0p8j9SCjMB8UB2cDL9ksNav5JPTGSJK_phzHTQ3QQ==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 20ms
20ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=aa_test_for_monitoring_var
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663000357.295898,VS0,VE0
x-served-by: cache-hhn4078-HHN
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 66ms
23ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Sep 2022 16:32:36 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 486691
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=K2kLiHx1K1ZrNlQrVjkyVE5pQWZCTVVuZ2dQY1VwWnpuT3h4d3ZUeGZ3cGQ0MkZjRS9lYU1MalpQZk1CenFtSTA2MklwRWF1NGtEazBuNkZLa0VUcFd5T1l4djE0Y3BYVXBlVUw2anN2WVVIU1diajRGT29DNjFZQk51Ym...

353 B
641 B

45ms
14ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=K2kLiHx1K1ZrNlQrVjkyVE5pQWZCTVVuZ2dQY1VwWnpuT3h4d3ZUeGZ3cGQ0MkZjRS9lYU1MalpQZk1CenFtSTA2MklwRWF1NGtEazBuNkZLa0VUcFd5T1l4djE0Y3BYVXBlVUw2anN2WVVIU1diajRGT29DNjFZQk51YmJrR2xrZjR0TmNxVDNQODJkMHJaRURteTRJYjZWcHFuUGFISldjZXh3YitxNWw5Q1JSeStKQnM0MDNQL2FiWmhKczQwWTZVRFkxaEFYMFRISTVycXAraWRrRS9HQktPanJCWEF5UXlwa09oUGdoUXFjdEpJPXw&cppv=2

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e67a55a2683aa57e1311058128f48cdea7862ef8d1890fad8ecfe7707858b443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1135347
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:36 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=K2kLiHx1K1ZrNlQrVjkyVE5pQWZCTVVuZ2dQY1VwWnpuT3h4d3ZUeGZ3cGQ0MkZjRS9lYU1MalpQZk1CenFtSTA2MklwRWF1NGtEazBuNkZLa0VUcFd5T1l4djE0Y3BYVXBlVUw2anN2WVVIU1diajRGT29DNjFZQk51YmJrR2xrZjR0TmNxVDNQODJkMHJaRURteTRJYjZWcHFuUGFISldjZXh3YitxNWw5Q1JSeStKQnM0MDNQL2FiWmhKczQwWTZVRFkxaEFYMFRISTVycXAraWRrRS9HQktPanJCWEF5UXlwa09oUGdoUXFjdEpJPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 570505
content-length: 0
expires: 0

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 1415ms
1305ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e55"
vary: Accept-Encoding
x-hw: 1663000357.dop005.fr8.t,1663000357.cds108.fr8.hn,1663000357.cds107.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 147 B
475 B 155ms
113ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=kold.com&domain=kold.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 514e7290606e221930c562ddacfefc9d20edc99a7d8be0fa2ff1e63c181c89e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 121
x-served-by: cache-fra19153-FRA
access-control-allow-origin: *
x-timer: S1663000357.440836,VS0,VE106
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 10 Sep 2022 16:32:37 GMT

GET
H2 200 WVE5K6A27ZATDFT5ZPJWGRXZ2M.jpeg
gray-kold-prod.cdn.arcpublishing.com/resizer/AwdzPttMcuuLsLolLmph7H0qzTs=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 34 KB
35 KB 228ms
228ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/AwdzPttMcuuLsLolLmph7H0qzTs=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/WVE5K6A27ZATDFT5ZPJWGRXZ2M.jpeg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ad61a748965263a36caec1809125c2487834cc94d875db3b3c35a85cdf1cf450

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
x-check-cacheable: YES
x-serial: 1556
etag: "c91db66f97c9abdef6f179edf6c5ec359affdd35"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31524947
last-modified: Mon, 12 Sep 2022 13:30:12 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=57, origin; dur=157
content-length: 35011
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 13:28:24 GMT

GET
H2 200 EEXYIHRZ7VE7RJDSZ3KWFRMY4M.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/LJLkd6CtXBkTjerDg2ZtAsww2bU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 28 KB
29 KB 64ms
64ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/LJLkd6CtXBkTjerDg2ZtAsww2bU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/EEXYIHRZ7VE7RJDSZ3KWFRMY4M.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

353c5f8fdb83bea0dbf3c470decf933e60a72fd61d05091bcb2be7d5052ad1d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
last-modified: Fri, 09 Sep 2022 13:47:16 GMT
server: Akamai Image Manager
etag: "9b6716ba51a3fa28e0e415096ce4d69fa23d36a5"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31266917
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=43
content-length: 29137
expires: Sat, 09 Sep 2023 13:47:54 GMT

GET
H2 200 7SATMFAP5JCUZI76HMX6PHRJHI.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/v7RmrzplXEfK2gVnrxqltyh0XrI=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 34 KB
35 KB 59ms
59ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/v7RmrzplXEfK2gVnrxqltyh0XrI=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/7SATMFAP5JCUZI76HMX6PHRJHI.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9a25cd45168fd56ffcfab5d6c921dc2b95e3a72a7e6e3daa1d1c8674f2e0d347

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
last-modified: Mon, 12 Sep 2022 12:50:14 GMT
server: Akamai Image Manager
etag: "9f32a166e6908a3dbd4dfbb0cb99ba0bc0cd6701"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31522593
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=30
content-length: 35032
expires: Tue, 12 Sep 2023 12:49:10 GMT

GET
H2 200 CCDQP63ASNDB7CCTCSXXQVRJCA.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/k_lRIGZeIflTkGigSJXrehXPAfk=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 39 KB
39 KB 59ms
59ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/k_lRIGZeIflTkGigSJXrehXPAfk=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/CCDQP63ASNDB7CCTCSXXQVRJCA.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b8ec1cc9eefba4a54562f24cd80121e505c0c7f36c4e86ed48236c5b86c9c1cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
last-modified: Mon, 12 Sep 2022 12:43:28 GMT
server: Akamai Image Manager
etag: "fc1a1e89853eab02f241524c25388c77d3acd780"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31522306
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=21
content-length: 39645
expires: Tue, 12 Sep 2023 12:44:23 GMT

GET
H2 200 VHO5BBVCHREKLC47C2PAWPBBGY.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/19r9VUZa04b8KZhS7Szpno173Kg=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 41 KB
42 KB 78ms
78ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/19r9VUZa04b8KZhS7Szpno173Kg=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/VHO5BBVCHREKLC47C2PAWPBBGY.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

af130aa4afb0e14dd94023d6ae7e755fe9f9e4fba999c227bf1578d63a757d2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
last-modified: Mon, 12 Sep 2022 13:29:36 GMT
server: Akamai Image Manager
etag: "16f708d8fa6feb975768f3770a4bebbfcab67f8d"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31525046
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=31
content-length: 42402
expires: Tue, 12 Sep 2023 13:30:03 GMT

GET
H2 200 473K46BR7FBKDHKHRV3CKSTMHM.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/SrBSXyrKcUf6sjV92AX1UsnqVSA=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 28 KB
29 KB 589ms
589ms Image
image/jpeg 2a02:26f0:64::214:84a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/SrBSXyrKcUf6sjV92AX1UsnqVSA=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/473K46BR7FBKDHKHRV3CKSTMHM.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8de81724e48d56234c8f39b8f1c92bcec54878f7984b048ea05d309891335ba2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:38 GMT
last-modified: Mon, 12 Sep 2022 15:45:07 GMT
server: Akamai Image Manager
etag: "7a8d19d350f74e7ff5efc78e38c857a157326a99"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31533050
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=534
content-length: 28811
expires: Tue, 12 Sep 2023 15:43:28 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
48 KB 47ms
30ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

721a03fa5b84a64bd27ae64af4f9e909b94f4be62e9cd968eb615b4f6d9ee79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49449
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 16:07:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 16:32:37 GMT

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
466 B 55ms
7ms Script
application/javascript 2600:9000:223f:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
age: 18066874
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: eAMJbuM_ocBtkU0w-bX7cH_627Ta37YTqLQkQ4IIfQhX8gd6Njz6kQ==

GET
H2 200 style.css
staticcdn.metv.com/css/ Frame 9C35 313 KB
56 KB 93ms
9ms Stylesheet
text/css 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://staticcdn.metv.com/css/style.css?v=1.2
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: 6129f529e83bcadb6684660b2ebd6d61ae7e6aaa8269d353bc55f90f96f912b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: br
cdn-edgestorageid: 722
access-control-allow-origin: *
cdn-cachedat: 07/20/2022 13:32:23
cdn-pullzone: 131641
server: BunnyCDN-DE-864
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 15 Jul 2022 20:31:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"4e59e-5e3dde877dbc0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, proxy-revalidate, max-age=31536000
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cdn-requestid: 11685fa92d77c01f10715cbbd3c94c6e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ Frame 9C35 48 KB
11 KB 46ms
16ms Stylesheet
text/css 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://www.metv.com/
Origin: https://www.metv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19904508
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JVN8RS3G4SSKWEHP
x-amz-id-2: ClK0AIp0xRQ7c9ZrOTMOWzxCVv2lvJn8mPAUdVEGQaAVWaIRCO6jpYz0cdrdgLra9XETIZLzWt8=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1q7uF%2F6WrFWCKMYPG8rLw86Rg%2BjEB6ly948WPe3QaiC6hw3fm6ZC%2BEHqZmfIHEvHuFHZfiXQWqXi9ECreo%2FJuwOaQgHe7v1zKRnuiqysX5vOrowuGK20KDZAomjEFB99oNXNc18WXXhzCtWZkuZxZCti"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 749a0a4a5ec5900c-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 9C35 94 KB
33 KB 66ms
30ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 12:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 12:55:44 GMT

GET
H2 200 metv_logo.png
staticcdn.metv.com/images/ Frame 9C35 6 KB
7 KB 9ms
9ms Image
image/png 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticcdn.metv.com/images/metv_logo.png
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: 7bbc3068f2bde3ba4f55bc8a2e25fde7f1b474dacfd1aa3f94da90ddb97430f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
cdn-edgestorageid: 755
cdn-cachedat: 07/20/2022 13:32:23
cdn-pullzone: 131641
cdn-requestpullsuccess: True
content-length: 6506
server: BunnyCDN-DE-864
last-modified: Fri, 15 Jul 2022 20:31:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: public, proxy-revalidate, max-age=31536000
cdn-requestid: 2a0adf6c322c65cd6db5dc1047a99ad9
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 20 Jul 2023 13:32:23 GMT

GET
H2 200 8kQoV-1554743736-71-markets-kold_web.png
cdnmetv.metv.com/ Frame 9C35 63 KB
64 KB 84ms
8ms Image
image/png 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/8kQoV-1554743736-71-markets-kold_web.png
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-863 /
Resource Hash: 1cb9e32ad9fce79b2e64465148a49f922925714bd4d7cdce657ae59b4e3eaa69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
cdn-edgestorageid: 632
x-amz-request-id: 7Q2GS8B286N5KDFN
cdn-cachedat: 07/20/2022 14:03:55
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 64944
x-amz-id-2: xKZotaCetv0Ai7JytubWrUczh/3kQmnjICOuagOfSfJUVxE83LF10yYd1Zherx4PoBdULKz8fQs=
server: BunnyCDN-DE-863
last-modified: Thu, 19 Sep 2019 22:49:52 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31556926
cdn-requestid: d4d71f4b924c2c52fd9291b8dcf76f1a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Mon, 08 Apr 2024 17:15:36 GMT

GET
H2 200 DEkWH-1662568910-4142-blog-mash_50th_header.jpg
cdnmetv.metv.com/ Frame 9C35 11 KB
12 KB 82ms
16ms Image
image/jpeg 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/DEkWH-1662568910-4142-blog-mash_50th_header.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-863 /
Resource Hash: 0c1ae6c99f2f4dd96a622ba3dd3e03241b9969384f4b161a259f24e2c4375f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
cdn-edgestorageid: 722
x-amz-request-id: 7E1EMAECJZ4AE58W
cdn-cachedat: 09/07/2022 16:55:49
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 11307
x-amz-id-2: meBDbODbyOimEAhMw14hAFkr5lHM4K5oRdVsGE/USy4GEIpjRBDc4uPieUt7i6IQu+UVuUWhJ5M=
server: BunnyCDN-DE-863
last-modified: Wed, 07 Sep 2022 16:41:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: d5f52bdb31e17a24699e9223e1e6cb0a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Tue, 07 Sep 2027 16:41:50 GMT

GET
H2 200 flMm5-1662666106-3107-quiz-fill-in_movie_titles_header.jpg
cdnmetv.metv.com/ Frame 9C35 31 KB
31 KB 14ms
12ms Image
image/jpeg 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/flMm5-1662666106-3107-quiz-fill-in_movie_titles_header.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-863 /
Resource Hash: 363bc76c75cd486b049f1d19c49971040660a9913d22e3bfa8af8e7c8ce5c410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
cdn-edgestorageid: 860
x-amz-request-id: FSFXE5NTJ8JNY5G3
cdn-cachedat: 09/08/2022 20:10:28
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 31507
x-amz-id-2: 2rs3rG2s8Uqdujd9UTL+W8jnjgT/p23vJiQeZjDqulAvIEPYiOnA6aRQg8xGg4Cxx4FoJfz8nOfJnpereCVL9A==
server: BunnyCDN-DE-863
last-modified: Thu, 08 Sep 2022 19:41:47 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: 428a611d6fa6db407a12f2b4b6fc139d
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Wed, 08 Sep 2027 19:41:46 GMT

GET
H2 200 LH5sR-1662578552-4146-blog-MicrosoftTeams-image%20%2820%29.png
cdnmetv.metv.com/ Frame 9C35 13 KB
13 KB 16ms
14ms Image
image/png 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/LH5sR-1662578552-4146-blog-MicrosoftTeams-image%20%2820%29.png
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-863 /
Resource Hash: 29c149a1168f34acbe61e1783237cbfff79913653080c87bbc1fc970fbbcce75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
cdn-edgestorageid: 756
x-amz-request-id: SRTSMN0VTBTES7V0
cdn-cachedat: 09/12/2022 15:10:56
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 13176
x-amz-id-2: DNTfjbZzeOoS15Tqry77vRrhDj535i98ZWDivGIYpSojF5+ca/7cKbJmujaxHYZfsNm1aNMq98Q=
server: BunnyCDN-DE-863
last-modified: Wed, 07 Sep 2022 19:22:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: 37d7028111748a8c678b5a51180d940d
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Tue, 07 Sep 2027 19:22:32 GMT

GET
H2 200 34.svg
www.kold.com/pf/resources/images/weather/weather-condition-icons/svgs/ 7 KB
3 KB 17ms
16ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/weather/weather-condition-icons/svgs/34.svg?d=287

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
x-amz-request-id: 1G8HSCD65HVN4WNN
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2461
x-amz-id-2: CLMGIcr1jZYGsHGU7lO6ahChi5NpG66T5s3jcLMo0gjCQ0cUZH3ZzzoDBlmrov257mdI4bc06bA4C7yEyLICLA==
last-modified: Fri, 09 Sep 2022 20:38:54 GMT
server: openresty
etag: W/"1d595a6d45fb37eb0edbcc239e9c5510"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 16:32:37 GMT

GET
H3 200 pubads_impl_2022090601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 15:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133157
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 08:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Sep 2023 15:50:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 149 B
132 B 64ms
44ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2552e1825bf522ebd1c3df634701a5e9ee49ad261924272bdb10a29d6efcab22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Mon, 12 Sep 2022 16:32:37 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 157ms
16ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Sep 2022 16:32:37 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 390416
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 10ms
9ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663000364820&ns_c=UTF-8&c7=https%3A%2F%2Fwww.kold.com%2F&c8=Home&c9=
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: rkiezuUV9kxcLlCrTV0qLhRQftZoLozC5gDI6wbMI30ugmDu60upCg==
x-cache: Miss from cloudfront

GET
H2 200 json Show response
trc.taboola.com/graytv-koldnews13/trc/3/ 19 KB
7 KB 414ms
399ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/trc/3/json?tim=16%3A32%3A44.870&lti=aa_test_for_monitoring_var&data=%7B%22id%22%3A248%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662997873804%2C%22vi%22%3A1663000364867%2C%22cv%22%3A%2220220912-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A8049%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4632%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22orig_uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22cd%22%3A512.578125%2C%22mw%22%3A389.5%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A4279.03125%2C%22mw%22%3A1270%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CHomepage%20Native%20Backfill%3Dthumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22aa_test_for_monitoring_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 99c78eec7097cbf19114000da0c0ca5e2cc7f30a3d83ff71b9792b4e6c0c4f31

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 388
date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
server: nginx
x-timer: S1663000358.567062,VS0,VE388
x-served-by: cache-hhn4078-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5437
date: Mon, 12 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 17:02:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
53 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b561232d6686611c057eef4a1b0b37438eebaa5f212f7fb00d208d49277974a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53917
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 16:07:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 16:32:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RN7RQJ27EZ&l=RCdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

987ef45056218a6acc24e7b059633ef9a7ca152ed35114627a4219e073745072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74835
x-xss-protection: 0
expires: Mon, 12 Sep 2022 16:32:37 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 177ms
104ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 16:32:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
700 B 54ms
16ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:37 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b00b4648-4c7f-496d-a190-dfc7d65fe61b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
306 B 63ms
29ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225f75584e4e2b7d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2265e8e2ab2a946c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22790a46c72ff2db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2280167e59e9b88d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94af4ea73ba59612546b35294590e115ce75a8490bc0d3a74b440060aacdd0e3

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4L1pOQy583847dQX0saszs5rJUPWed8tuINHswSNdnps6p5ATVDTWvnN1Bk0TB%2BYnG9mb5GOY9ZquWD45hua5zQzHVypcSAXXpa0sRXL8oenpYZJ0GlvuJ4EjZ4nubp1R6zIZm%2Fd"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749a0a4b7ecd9963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
700 B 50ms
20ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:37 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: eed6c8ff-f60b-49a0-8671-5464ff44fad4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
569 B 52ms
26ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22118688093de9a3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22126dc3685492f33%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213fa306422f6e1e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98bead1cac77ceefd62cfd857c19311a09d227a33a4b7a183165a4ae5d343bbe

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRm4ulJu2C5vnlsXY0MpDQ3GJwLztdT9X%2B7A2uwHy0g%2FJ8FNULO2F5bN89Z1W%2B9PPjQGWKpXgdagd%2BoQUlpCN%2BkfMidqwG%2BE6ecna%2B9klRPBbYxvJgbP0m1jF2gmR9Gxi8D8aId%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749a0a4b7ece9963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 228ms
166ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 16:32:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
700 B 52ms
22ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:37 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ccd49c17-0a5c-4b3b-8cfe-6483c6465329
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
322 B 48ms
27ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2218a7724617b9924%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22194ab40d7a2fd23%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%221024x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A1024%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215902ba2f138be823cdbc08fadf6903c4ee7452f71d425d4f50e795386e4023

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQDgS38g9s%2F7I%2B%2BfdUJMrlKrBgdU%2F4%2FMKyskEjN9QVbjJDk4LM0mSHqRG0NJieOH%2BPOswnhZSKo4d2%2BZ34NmAE4XGhhzfY7RcCNzRO40uRlmwJtiy%2FDolN0VFqMSYBlJ3FYI%2FMzw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749a0a4b7ecf9963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
700 B 52ms
19ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:37 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 57a527ba-4ffa-439e-9f9f-038ad42085b3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
315 B 44ms
28ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22229ee09f700c6be%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22234197bb7d126ac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%221900x1200%22%7D%2C%22banner%22%3A%7B%22w%22%3A1900%2C%22h%22%3A1200%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d5430c434b8a0d0a78e945f75844b63e6e3d89dbab6fefc2758741a14d0f5b5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2vCo%2FVO%2FjMQFo7kNHhuNrlKjZmD7eo75YLAwZzI5JrKgitkzDeeRQ%2FTgE4mNYyxaSrvH9RhXVZRArxFT8C8R01Myam%2FGCas%2FTP45t%2FHZFPYUZ2ueKzEl5%2FhpBI5zNa0tACVcwTt"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749a0a4b7ed09963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9C35 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5437
date: Mon, 12 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 17:02:00 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ Frame 9C35 66 KB
67 KB 30ms
18ms Font
font/woff2 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://www.metv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1673379
cf-ray: 749a0a4ba9219024-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
x-amz-id-2: Zaye0v9AE7+gMmjI4eNa1AKP/NGf4jSOLN7K1wXtsW4+jGjbVExs7wMfkfUaz5/5TlAB2LTs8HE=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Frf7mqnQg8ABNLRi2Q0eR3RjrzCilbhVhWzsm6ScNf%2Fypb25R1snRFU3R0ZEVHmeMBsNNaO8%2Fxpl9NjqQHbgD1ZVtpPPnbSnQselw%2BZR%2BzwdmwOA7Fu6fmSzUpGZQbLzj9dUnPgVrwy7kH4VfKfrN02J"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: VGV893VV4NV1VFP3
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
541 B 48ms
35ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222477e88b69b53f9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22251a220941878ae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%2Fweather-widget%2Fradar%2Fseven-day-forecast%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8172606badec8c6f6c958eabb81f78ba4eac9ec9abd5cd8650a83e822160da

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KldgAx38qof0dtTLPw96jF37Ht7yOW5xnbaOvLb2eR%2FZtSOSMT9O1lX9HDEWIOXGXKlhNLvw43dHHAQxyWL94IFGSYwINs%2FxQq3bx4TUEmz8xxRY4uZDxN5QRPXr1%2Bao91%2FwHwZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749a0a4bde5e916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
700 B 15ms
15ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:37 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b31bcd1b-31d5-44f7-bf91-6056c460fedd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
499 B 50ms
42ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22287f7c47465c732%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229a5c39294b7d75%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223037d4b1dad612f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2231c5454caea44dc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94e64e9bc6d7e96a781372aca3abfc1a66eddbadd04a10446816b33db480637f

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b80LjU1rf7%2FkTdlDdA7jtxXRbMlozE9vlEdc1OgWaaSwZHOZWaLNvwUN6YkmJTZmO4BVxP9sDHzvtwEMGzpNiG4njvLW253y4sdl1Mp0Vr2yyPphHZwabLlAtYVk7q3HQ3LQtgx2"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749a0a4bde5a916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 126ms
126ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 16:32:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
700 B 16ms
16ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:37 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 21c33bc9-e1d0-4c00-b6df-cfb7c86232a7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
499 B 39ms
36ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223645c340c3b6732%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2237a928ffbb1a37a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%2Fstory-feature%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e953d8be3894a05b7263b16d09d44c50aed857b54fe5dd952b3f41478dad8b6

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x1pLVEtsB4hM0Q%2FtjtMyJwIOKRtGZu8B8ZkcxcxzcCVtFUba3dTHMt9%2FWAh16cyCVcNyPsKsC4JdX2cGFJ0pZvg1T8pWlczOlsqN0lqJkonJ7oxXsgFTXjrPh5fqf6wLgj17mRH"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749a0a4bde61916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 64ms
64ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 16:32:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
700 B 19ms
19ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:37 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4b41f44d-98e2-4aee-a91f-4d5c1189030e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 463ms
463ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=513852309635256&correlator=557237869582194&eid=31068929%2C44772497&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1024x90&ifi=1&adks=788621628&sfv=1-0-38&fsapi=false&prev_scp=position%3D101%26pt%3Dsection%26cid%3D%252Fhomepage&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663000365075&lmt=1663000355&dlt=1663000363074&idt=1852&adxs=288&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=311598701.1663000365&ga_sid=1663000365&ga_hid=1010610674&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df823cd9f5cc5e07a9938f023c1d85058e5033132e977757e9f3870a9e60799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8358
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3FAC 6 KB
4 KB 92ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:37 GMT
expires: Tue, 12 Sep 2023 16:32:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1010610674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kold.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEABBAAAAC~&jid=1233320673&gjid=1492381553&cid=311598701.1663000365&tid=UA-22223248-16&_gid=585617554.1663000365&_r=1&gtm=2wg970MV7SQ7H&cg1=%2Fhomepage&cg2=section&cg3=kold&cg4=%2Fhomepage&cd5=section&cd6=0&cd8=kold&cd9=kold&cd10=%2Fhomepage&cd11=%2Fhomepage&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=&cd14=KOLD%20News%2013%20is%20your%20local%20source%20for%20breaking%20news%20and%20your%20First%20Alert%20to%20severe%20weather%20in%20Tucson%2C%20Marana%2C%20Casas%20Adobes%2C%20Oro%20Valley%20and%20Sierra%20Vista.&cd16=Mon%20Sep%2012%202022%2016%3A32%3A43%20GMT%2B0000%20(GMT)&cd17=%2B00%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&cd19=Home&cd40=default&z=616748940

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 438ms
438ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=513852309635256&correlator=557237869582194&eid=31068929%2C44772497&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1900x1200&ifi=2&adks=1329624849&sfv=1-0-38&fsapi=false&prev_scp=position%3D1%26pt%3Dsection%26cid%3D%252Fhomepage&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663000365107&lmt=1663000355&dlt=1663000363074&idt=1852&adxs=-150&adys=186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=1600x109&msz=1900x109&fws=4&ohw=1600&ga_vid=311598701.1663000365&ga_sid=1663000365&ga_hid=1010610674&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21bc5e8a58c3314c31b6a5f2fb9e308027063e653c4cd6ef944f23d8a7d1079d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9787
x-xss-protection: 0
google-lineitem-id: 6029484182
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138396226819
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2nquukMIESQteJCgx-7LM1sd4LunuYBacunaeTCI29L1HfM__sF5M44g5qs7wyepvvRjALkJbw Show response
operationchicken.com/ 191 B
696 B 92ms
34ms Fetch
application/json 2600:1901:0:ccb0::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/v2nquukMIESQteJCgx-7LM1sd4LunuYBacunaeTCI29L1HfM__sF5M44g5qs7wyepvvRjALkJbw

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:ccb0::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ad1498a7b63494d9fb005ed1e32bc35c5aab9a3f94cecc45af77508c8a3a5a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
date: Mon, 12 Sep 2022 16:32:37 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 12 Sep 2022 16:32:36 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 40ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RN7RQJ27EZ&gtm=2oe970&_p=1010610674&cid=311598701.1663000365&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&uid=&sid=1663000365&sct=1&seg=0&dl=https%3A%2F%2Fwww.kold.com%2F&dt=Home&en=page_view&_fv=1&_ss=1&ep.date_published=&ep.published_day=&ep.published_month=&ep.published_year=&ep.content_type=section&ep.primary_section_name=&ep.content_owner=kold&ep.content_provider=kold&ep.content_id=%2Fhomepage&ep.ad_target=%2Fhomepage&ep.platform_name=PageBuilder%20Fusion%20-%20Arc%20Publishing&ep.author=&ep.user_timezone_timestamp=Mon%20Sep%2012%202022%2016%3A32%3A43%20GMT%2B0000%20(GMT)&ep.timezone_offset=%2B00%3A00&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&ep.content_name=Home&ep.content_keywords=&ep.distributor_name=&ep.distributor_category=&ep.distributor_subcategory=&ep.distributor_reference_id=&ep.distributor_model=&ep.output_type=default
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RN7RQJ27EZ&l=RCdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame EE9B 3 KB
2 KB 76ms
9ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5F62 52 KB
17 KB 55ms
16ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 16:32:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame CF23 3 KB
2 KB 73ms
8ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3547 52 KB
17 KB 45ms
8ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 16:32:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame F392 3 KB
2 KB 72ms
10ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0321 3 KB
2 KB 69ms
7ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9330 52 KB
17 KB 46ms
12ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 16:32:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 213F 52 KB
17 KB 43ms
11ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 16:32:37 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 16:32:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 17ms
16ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5437
date: Mon, 12 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 17:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 113ms
63ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 16:32:37 GMT

GET
H2 200 476dfeb0-1072-0138-f111-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 0
783 B 85ms
18ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/476dfeb0-1072-0138-f111-06a9ed4ca31b

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 12 Sep 2022 16:32:37 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: FxQqA7ujjT9Xw0gJWyUh
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 71ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22223248-16&cid=311598701.1663000365&jid=1233320673&gjid=1492381553&_gid=585617554.1663000365&_u=YChACEAABAAAAC~&z=1886580161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 16:32:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 69ms
68ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=513852309635256&correlator=557237869582194&eid=31068929%2C44772497&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=3&adks=427870254&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663000365212&lmt=1663000355&dlt=1663000363074&idt=1852&adxs=315&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=1600x125&msz=1600x109&fws=0&ohw=0&ga_vid=311598701.1663000365&ga_sid=1663000365&ga_hid=1010610674&ga_fc=true&ga_cid=585617554.1663000365

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d2d31b22c5fe03ddcc58939f2b17f34482eea6030850b878d6be1d3383e525b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12907
x-xss-protection: 0
google-lineitem-id: 6029484218
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138329851183
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 54ms
54ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=513852309635256&correlator=557237869582194&eid=31068929%2C44772497&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage%2Cweather-widget%2Cradar%2Cseven-day-forecast&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=300x50&ifi=4&adks=1640516046&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663000365287&lmt=1663000355&dlt=1663000363074&idt=1852&adxs=1135&adys=519&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=282x50&msz=300x50&fws=4&ohw=300&ga_vid=311598701.1663000365&ga_sid=1663000365&ga_hid=1010610674&ga_fc=true&ga_cid=585617554.1663000365

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ff62e5912b95c0c2180027147f4b549a001f0ff111bb405d1db0c4c0a8fb92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11904
x-xss-protection: 0
google-lineitem-id: 5863584462
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138396225448
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
42 KB 551ms
551ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=513852309635256&correlator=557237869582194&eid=31068929%2C44772497&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=5&adks=1671100310&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663000365298&lmt=1663000355&dlt=1663000363074&idt=1852&adxs=165&adys=1874&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=1270x157&msz=1270x125&fws=0&ohw=0&ga_vid=311598701.1663000365&ga_sid=1663000365&ga_hid=1010610674&ga_fc=true&ga_cid=585617554.1663000365

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84e925f200e1c3cf6fdb79ab69bf940c3df562ce54202ad1816598941230670a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKL654zXj_oCFZgx4AodRZ4JCQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/6623718865651212910/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKL654zXj_oCFZgx4AodRZ4JCQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/6623718865651212910/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42637
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 12 Sep 2022 16:32:38 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
42 KB 793ms
793ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=513852309635256&correlator=557237869582194&eid=31068929%2C44772497&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage%2Cstory-feature&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=6&adks=2340954388&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D3&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663000365307&lmt=1663000355&dlt=1663000363074&idt=1852&adxs=165&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=954x141&msz=954x109&fws=0&ohw=0&ga_vid=311598701.1663000365&ga_sid=1663000365&ga_hid=1010610674&ga_fc=true&ga_cid=585617554.1663000365

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10f22b5a4ced1fcdb4791fe6b2df0d7b01bf237571629b1da96eb341ec7eefa1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnPhY3Xj_oCFfvxEQgd7-UKhQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/863300823173379816/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnPhY3Xj_oCFfvxEQgd7-UKhQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/863300823173379816/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43155
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 12 Sep 2022 16:32:38 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E819 15 KB
6 KB 13ms
13ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=112124
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 16:32:37 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 23:41:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 24A7 15 KB
6 KB 13ms
12ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=112123
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 16:32:38 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 23:41:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 85C6 15 KB
6 KB 12ms
12ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=112123
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 16:32:38 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 23:41:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F6C3 15 KB
6 KB 11ms
11ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=112123
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 16:32:38 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 23:41:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 776ms
775ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=513852309635256&correlator=557237869582194&eid=31068929%2C44772497&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=7&adks=1891466339&sfv=1-0-38&fsapi=false&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663000365323&lmt=1663000355&dlt=1663000363074&idt=1852&adxs=1135&adys=628&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&frm=20&vis=1&psz=300x317&msz=300x285&fws=512&ohw=0&ga_vid=311598701.1663000365&ga_sid=1663000365&ga_hid=1010610674&ga_fc=true&ga_cid=585617554.1663000365

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1b2d52ccdd512aa9d114820047edfa0d041cc56d0f719d51ae332d1f4de5e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11737
x-xss-protection: 0
google-lineitem-id: 6029484362
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395751480
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20220912-34-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 14ms
14ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220912-34-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7aab757e2070b49383573d06e611b14aef47a68f97808c4510381adf87aa0730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: QMBie9MlDyLXWuzuhlt9noTtlBIicMuc
content-encoding: gzip
etag: "56c5b3c3f2233e7732172ac8f86d97d7"
age: 2012
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5399
x-amz-id-2: VpNBmghEG6Ftg5MDehj5L23ff/p7VG9A8sCOjdRhUrlyzCQ3zC6Yb9l1YZqwkDF6o7jYH3QsYs0=
x-served-by: cache-hhn4078-HHN
last-modified: Mon, 12 Sep 2022 15:56:29 GMT
server: AmazonS3
x-timer: S1663000358.069389,VS0,VE0
date: Mon, 12 Sep 2022 16:32:38 GMT
vary: Accept-Encoding
x-amz-request-id: BDNNZAX6JAVMNFV1
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 7
x-cache-hits: 291

GET
H3

200

B26996758.345480460;dc_pre=COCP7YzXj_oCFdAz4AodltsKrA;dc_trk_aid=537205216;dc_trk_cid=177467948;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B26996758.345480460;dc_trk_aid=537205216;dc_trk_cid=177467948;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B26996758.345480460;dc_pre=COCP7YzXj_oCFdAz4AodltsKrA;dc_trk_aid=537205216;dc_trk_cid=177467948;ord=[timestamp];dc_lat=;dc_r...

42 B
63 B

56ms
30ms

Image
image/gif

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B26996758.345480460;dc_pre=COCP7YzXj_oCFdAz4AodltsKrA;dc_trk_aid=537205216;dc_trk_cid=177467948;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=kold.com

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B26996758.345480460;dc_pre=COCP7YzXj_oCFdAz4AodltsKrA;dc_trk_aid=537205216;dc_trk_cid=177467948;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=kold.com
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB89 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqowbX3F0M5i9I5gmxibmhjiIW0JFOxjmR0HcjuT7bX90Kz5fOIiVjdo8LTkYDK6xNRtxBQDQSWhoYiWCPzf1xmKb6nDrT2LI5vV0gDC74zcEtOi71FszIzG5VR1-cj81RZoGg5pWFnH6yo5NnxpkT2gmiYkLa-3ATaQk1wa1Wdcgs64DBFvaF4D5ypUXF3W_fIzRfnnf-pAn_bUSEQxF89Un01j1r_0erb_GertQqiOVnOg9R-Xnng9Og1b9dLUni7qo-hHwzgC5X_s0scSsnNN6TJvXCF41g-85CfqPywcdWmWtgr1zy9563ijAQsKkcE8U&sai=AMfl-YR34cApM4a2aLxA6BVx__QQrxdI8KJl-8zDeM3QmlANdsTxJP6hxk01LjDTTsPATnhot_-DQ573oATA9ZfXTttLVct8qOxEYJYxsJ616uSnRzLkHmeyD5ekpyUX0SReEw&sig=Cg0ArKJSzMFqN-SBuZKGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 iframe_buster_200_260.js Show response
s0.2mdn.net/879366/ Frame AB89 76 KB
28 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/iframe_buster_200_260.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 20:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27697
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Sep 2022 20:04:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB89 141 KB
44 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 94AE 0
0 48ms
47ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4Im6MnbRzh2SW5AcbZPow4iBSJcT63Ztj-HrasLix3FztW_Q7DpeIvytRPJ6u4iST7VsefLs4Ox8uVlX_BgC3nCre_HLr9Ot5JvGB0oqAp2mKnzaup0JBDdhXnH7SpvM2d-nqyNU33nJZ6xqMEAshvkDfTjxb-3GK4mZVrH03iMv7bcQ4MyXDXRtx_THaZl4xwmy0_j2BtZ5ot_XzOY_7oBUlLUPQ9iPLjZ33sbw3AoA6mYwO4Rfamr8WeNJxkW5YTM3g3ZBRyzKzg9QyEF7d9HL_bcKe6eiEBNk58rMkYUew2YffBjZSgZF9XiyIHa-HZRa3sSl8JfXs3ptcPZGaWmR7vWoMvBu8tVzmqYyuO4IjLTFFIynNET8&sai=AMfl-YQfRUtmG2VHB8Jqq_FmikfJZLSGKFQfYikqMa_ObcjjJ7KZqr88dsJMDiRk0pXhX2ndxwUjGwsohIIaA-_1sqlocuqK31pZQuK9-lymzmw_nVVjdl0k_cXo75XHX9E&sig=Cg0ArKJSzEdqyvmApgsvEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 94AE 3 KB
2 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:20:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94AE 141 KB
44 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H2 200 14672010335682688765
tpc.googlesyndication.com/simgad/ Frame 94AE 10 KB
11 KB 37ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14672010335682688765

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3108a08e169be8e2b1246aeb92bddf2128937f96cc5be3472f6d73a083d23699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 12:25:20 GMT
x-content-type-options: nosniff
age: 14838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10401
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 21:21:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 12:25:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 94AE 0
0 44ms
16ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSucNZMNHQDZzpqC8AOVEBdEGj0mYjbOxb1AsWJMoDgWSYhbnh8963k8PlXOPOmnNDBN3YphjO8uNa8SBvGlgv0kXhZ5A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 3547
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
809 B

35ms
34ms

Script
text/html

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f815cf39-ab26-4db2-aa4b-f6c6fe15c069
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2d57c895-86e6-460a-b1d3-14eb2b6ab8aa
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 213F
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
809 B

26ms
25ms

Script
text/html

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: dcbcb047-0f80-4468-b334-3dccf008956b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f5c13123-279e-459c-94d8-9bd643ee62ee
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 v2prenbvBaV2AYOhhzZusbunrs0oSw2GNNezhzlDXPj-ZaOSd_R3oh8tr8sdEZ-9pEXh4M3nRdw Show response
operationchicken.com/ 3 B
27 B 155ms
128ms Fetch
application/json 2600:1901:0:ccb0::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/v2prenbvBaV2AYOhhzZusbunrs0oSw2GNNezhzlDXPj-ZaOSd_R3oh8tr8sdEZ-9pEXh4M3nRdw

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:ccb0::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
date: Mon, 12 Sep 2022 16:32:38 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 9330
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
809 B

14ms
14ms

Script
text/html

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e9274bf9-24dc-4fcc-a126-446fcc88cb9e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 71422d59-70d4-413b-8d17-8af5af65e6e6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 5F62
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
809 B

15ms
14ms

Script
text/html

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a4d67e92-39c0-4205-b3fd-f87d9b900d1e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 782dd1d0-168d-4e9c-b301-907ef7e0d6c6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 11cd8a3976116bdc2cb0d90f8fe6b327.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 15ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11cd8a3976116bdc2cb0d90f8fe6b327.jpeg
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 797c73c19ec76b7b5c9645641f0745aa60a66cccbb1dcd94a8d7b7a30b5b1460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 12 Sep 2022 16:32:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 616903
edge-cache-tag: 304092979970217170094667073607247797382,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
cache-tag: 304092979970217170094667073607247797382,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 825
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11cd8a3976116bdc2cb0d90f8fe6b327.jpeg
content-length: 5750
x-request-id: 77895e0240262ba9a77ea4d7954c8070
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Mon, 05 Sep 2022 10:47:35 GMT
server: nginx
x-timer: S1663000358.180411,VS0,VE1
etag: "4dbc05a0dda4367ec056df8997598853"
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kiad7000091-IAD, cache-bur-kbur8200086-BUR, cache-iad-kcgs7200076-IAD, cache-hhn4078-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame BDF9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

1 KB
2 KB

71ms
36ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a8ba0e067893b9b18ef4d74ea584f3f06857cc1b96e2fda8e67d0f3d05c111

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4f597c9b49-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 16:32:38 GMT
dropped-udsids: 230|39|241|45|51|10|40|5
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGaKYdmI0EPOpg2CulNUg8ozeVWT6IswjTMujQeTwvywa3j%2FxQOVPuZuLQDPgBfKjyBNHZv3x1itn%2FqIK6OWV0wZnSYZTxOiqRKUkJnk8DYnEmEKNSIYMkOUrkuykdmiZH7b"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4efcf79b94-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wskaX5%2Bps9vSjFVJi4ziFLie%2BZIZhFTcsy54blGEp5Nf%2FgmCqYSojyjtyV7Mfd2%2BwqS67N0LatjLCMxfnqcV1MsKHaHM1ZNFaqaG3cZvSveo7xKHuwpwXVxxC%2FEQqYiO7DVUvr8a1fJXbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 94AE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b323045b289df04204bbe451316cc6424b25f3cd54c0715ba4f3b6d87e89889

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame E45C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

63ms
38ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c9e50866b2218b74bf07b2e88110ea4e42cd67c1789129a1d228994f9f44722

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4f69819b49-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 16:32:38 GMT
dropped-udsids: 45|241|230|39|51|11|41|90
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yc3aL9cCAiuANMyP%2FjAoiPfkK3o9qngSl%2BYjyW%2FNJhU7vcW2nIG6ZYKiDl5Qzk%2F4tlj%2B%2FthCI4c%2FjBz%2Ba%2F6W57%2BgpQCyidTvDSUy5%2FQbnl%2F%2B9Pg93%2BRldr9ptStXAyM0FT9s"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4efcfe9b94-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4gjDjQaAJiwXNNQTzQ5hUOViOdlf%2FV3d0i5vK85xQVjDPhuTuSrhVD3cF%2BezTl6t%2F%2BIhgDTOrNZC92TxYANEhmWs1NguNhL2ADFePBxNk0Pd7lBssNQLsF1DUgahkPvSJ5Emok%2FiapUyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame CF31
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

69ms
40ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b2f6441431e44c2fa924b19b88957348e2fed686d5e30f667b67a92abbb2c21

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4f697e9b49-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 16:32:38 GMT
dropped-udsids: 241|39|45|230|188|206|156|18
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLq833WOADj03zmKV9TccX2pheJvWteuuvvIW0AuXmapFD3gqUtccwHg3RNLBT7gxOtamCdbVvD%2Bk%2FOCl6d6baTc7FDvSZkHdSb8bxbxnvJU4OiseRI3chcIixWGt5OGK8%2FD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4efd039b94-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rGoMa99sjesxfrQzP8RkdSdWUhDL2CWlMCE5N87rhnpTzgOV%2B9NpoUco%2B0pEj%2BiUPJZzTiSU8ELUEMNKSLt12YmUoROoZ9V5oi1eA%2FLWTlaBAhuyy05x1GwUh230UYWoXk1feqUVf4prg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 9173
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

68ms
40ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98692089d29092690e90786055698a3f1edd408aa919b2c7b3309033682e88d0

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4f697f9b49-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 16:32:38 GMT
dropped-udsids: 241|230|45|39|4|26|73|31
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWns3QVDHngcZGGaJJKGL9bzzKTtOKOd8115Yk0ggDqx7AsN1mjESygZ4D2Vf0vmcsqYLBt2HATiiUCEkzIsMm4AA5UCp7B%2BAnJrRLf9FZ2SarmstBdgW77xlGd0Zo98rziZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749a0a4efd069b94-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3aR%2FsX1akRFM0CxdoSFViVH0ZpD%2B5h6KhKeehjuFRTyJ%2FC0ee1H3FuE2nbDQowngAH9%2FheHAYx4%2Fh0Y5bs2ox0oDoG%2BzfTwOBEwwhufQKxY2efpgt6YROFGYR6u%2BYv7zzb%2BYiSXR0DtPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/680197802/ 2 KB
1 KB 74ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/680197802/?random=1663000365518&cv=9&fst=1663000365518&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff4dae67065454b29d33c329f68e3668ccc8d2d9f3d466d911e2ae0972f160a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 998
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E819 0
42 B 86ms
13ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2805010&p=161733&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-length: 0

GET
H3 200 61634863_dd48023917ee7628fa39bb1583fb33f5_creative_def.js Show response
s0.2mdn.net/ads/richmedia/studio/creative/61615318/ 4 KB
1 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/creative/61615318/61634863_dd48023917ee7628fa39bb1583fb33f5_creative_def.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d703212e12ffcc70403adaae7d72eae71928d44d1b6bf73575b3d455c1a6bb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 05:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1479
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 12:44:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 05:40:04 GMT

GET
H3 200 html_expanding_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ 200 KB
69 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_expanding_rendering_lib_200_260.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c46b0f3202b6ed3de261c7db6330ada35ebe706b9aa54266fbb843a727bbd0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 05:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70581
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 05:13:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 94AE 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus9M6pxvl5a1jbFMpq6hCo55FjrJZ3CtjK9uB6l9xc2JJAZ0sgX2OfF_jKZaybrnj7nweYqKdomG3fEQYMvoh8l7KvNkrlEi8pOE9wNfL44qk_Q7RExl-QFZHAVwXvuJyqWB26nXO3xeeK9iI-06WUvCfYpBg7RiwxKzN17CbjLnlU1zlPCM1qylNuJsAm8W116N738RWTeClhZaZ1YavcD7OO1IhnJ6TiRraOraqzGZbVvcz7Fd4JAKzF6n94kYx09aVmlA3hg7K1ctJeJU1cTEZlVJKUdDH56HuZK7KMm-lrbyZ5iuj-afSG2v7Hp2IGniCENPakRSF2Gs18Y18-4_G7FhJ9v5ZJ9xLM6Ws6YBi5npSYIUwXIbPYeQ&sai=AMfl-YQ-bgFehTTDXOlyjGAVTmnKYaoLqvi_PCs6xTjMMC5k_wRKAMFbnY5r0TWjR_7MarNA6vn-VTTX1yj_rF2zfLf_znfKeEWECCVHJLYqGLfygBTuDC1CFlZiMk-Cnk0&sig=Cg0ArKJSzCy69Yy0FX7iEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB89 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdhRCw9i5eMo4Fw19fCFsiRMizR1-20zsZwpm6HiJ0skYo-o25ph1wbOziVO7PNaS9Lcf6lM-kn5STkG_yAVT17ofh4_KtAiwCa7Xz_f59dD5yDP_zlx09wG2bpjMhppI7577uuNs5uxDKB5x_dhQlGEDqiV5-ygD80ec0WADsvz-AQvDeMxv91EBcNmYAsM9HImK9OAL_f0QDc08WtX4QAoX7SwDhnDbnML7owAikKCYdz2DHiB9ix7U7_tCCjmx7wroxxG35rsKChIQUJgUm1F0BFX2ioNO87DgpL6Rv3XJoLvRd1nODHHlePtWxyhhHfrEvTg&sai=AMfl-YQusbIVxZIh9ZgegyVzo2lWXoPYT7SKw3b6cKfIDEJehqM4506mRh9CXKLe-mspeIDB5Tir0qtmq6_uGEvNn4bMNfCUeVw5VH53tNtCJk37_ytlIV1Hhyz0jV1bdyd0AA&sig=Cg0ArKJSzGweUqLiOPFvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H3 200 container.html Show response
47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D052 6 KB
3 KB 29ms
12ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:37 GMT
expires: Tue, 12 Sep 2023 16:32:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F48 6 KB
3 KB 21ms
13ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:37 GMT
expires: Tue, 12 Sep 2023 16:32:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/680197802/ 42 B
64 B 46ms
21ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/680197802/?random=1663000365518&cv=9&fst=1662998400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&async=1&fmt=3&is_vtc=1&random=1398761685&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/680197802/ 42 B
548 B 48ms
22ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/680197802/?random=1663000365518&cv=9&fst=1662998400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&async=1&fmt=3&is_vtc=1&random=1398761685&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 4 KB
1 KB 144ms
30ms XHR
application/json 2a02:26f0:7100:594::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV&d=www.kold.com&t=5543335&v=1.720.0&sl=0&si=743b8af6-65e5-42c6-89cd-a95e8924b585-ri3vag&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677262
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a700e5348843e1453c39144a1eb1f1eb2cd30ab684e78222a767541eb75f3d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 16:32:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 908

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BEF2 624 B
299 B 123ms
106ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVwV7ebWEeygE9Wa7D2WDwgiAeW1IETkGE0x7nM7dd-fRcOxs7fWrc-ytkuooco8fx4OLobnwE4yIy9R06YJTfgGEfJSO_DvGRvU2HNZuPbV-EkAWi215Kg6x4QEpCfuATa7Rn0gFCWyMY-dRSCtApe0WW05O39IbgMo0r_e4xHZlo_D_g

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: Mon, 12 Sep 2022 16:32:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 158C 81 KB
34 KB 76ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaXHYslpXOBpw_2CGPCxEhAMWm4qUX-FshjBuBoiFdmKMKB6KqoSC8PMW0r--FHO8xBCQrf82BWY-8r3tZwY1DAUduCg&cry=1&dbm_d=AKAmf-BCpu8clyTEZwQptO1oDY-7zmXsGw8_N1NF-ObcvPKtLKxso2kELQTGvnfNBGCrEOxpQSwTMvWAMo50ktxB6mrkEJwjDaEm1VW-5j72wzEadyojfxdxJfWtO2xWvuFFoISfNVXTxoFf93bqQtJttWorv-dI4RnmCvXFm6EWTI_10lJKWFlln8iQLXXkRjuXnXZ-VV1jLHmzEMnIhhcuFM5SARL_e76nzXbgdBvYkAsmhVR4hrsgL9zPcYb7QSO3MsDzIgiLca87Svsqw14HP8f0TfAbpC_gLtY5NZ82PpstP6DkEXgghiDJSIaBU2hIuSa_JEqEeu9xOc2Tn5A-4cbUB0MhHA_T8VWM9P-djpsORQBYM2Ecwyy5D96Rh8Pc7kywy1UBffgDHQdHO2f_pd03HbvMQP3CkbPeCrxGJzjT-P58iW0wlfbelCyLspwjgsYrlBs607LGKL4BZfKvmseiBG4USDVvj9yPnvW5zYXodZ7cXVnIqk_J4_sBr09QVAPDT6-9iSyiWUQEztBS_FJTIs9LkMIeVJI6rS4Idb-0Mrjt3ICJMamac2Z9iotm6QQOFaqZbZYPDzofxad8xcCT6xBvcQ-bcUj1MTuJnQWAvWxCOqMA02yJaceSMUzVk5fdG1LLB9khZjfAKLST4TIU-3AiRlbEnJ8gKRfgwZi4Zn9VSMF-4NCL_6Ov2rdstSIm4dyk9Sqa9aWA2_h5JZXX-26wF8AdQGWifTzL_A53t4EaVgRlBwSplhRQyTqjzlkntCPnJVhiB7HJKpAbMHOCL2PzQoEyo8FSBLuTs2UCjE-kstbCBKB_zfEA3imsc8MLzT0t4cjDr5JAD2dSHIm_irmfe8w4M53L-djpg94byPzSGD8gnlxCwMVcwBAobPn46chb5bxv_rnZYLEjkOzIuwT4WkoT0dDjZyVtHEbxJ2GkLEBQR6FBJpoOKzgPja0IpCq7u1FXwLcklKsMtuOatQgV_js3xpdVcm-wyF9jv10Z-ThIslj0eHETTUNT1dS_sb70yrCE82ibGuUo44j699RUOlmW7E2QWqQF1SlvFG3m4YjiGzPoLti0Fysf8kL5c_DwqcZo636QMHuEHkxRm5kCifvJ2WQErRNGFwtBP2KjgfpyjFmHWXBt0aDV-Qd4otLGIJBwSMh_10_Dt_XvCJ7B_QQrdPMVmyc7ZsDsSVFpL0ohpKXw365UYoO3WSACAEs_udTXX2v_v3L_owLwtu8edIqscRJs4FzF6Xxh3ADCfRsRXTugCEdFx0sJ5RJqppU1mpUbQiBvfu_lw8LZLk_hOjCYGBPZqd34U81F5KJWI_X545qx5IyTzLFXsww4lxm403uDLn2Bcn5hpCDfbuiSuCmPj9D4XaW2t5TnnPoAu49-4lBBAkOH4EH9oWlJgAMmPKE1J1GUmx7R8OcbFAYL66wUzH4PJYva1osvFhmhqFLABbdLbUyE9yWB2-GOevglcG6cxmPjUT0ZbP6Y0cM1IDGhCpjAe43kugLCXuoDNDj8b_9kr0d52KNcg4ttIcDAqsW6MrlfOk2tRFxEZ4JFfJA3LWRL4cc-zJ1TAXE6VMyhNIve6UX76k6_7UdeDRzRvJmc2q-tF1ckUbDZKZtzB-O0cqB6gVWVLvJoY4y_IRgJerYT6KVoaYPJjHPk6ATlNS9jjQ80LJzUfPMKlynGqXoUeaaK40g65zUsJoObOBBdijAgeWKSHTT6otyuBSwuI0wZQu2f6LrDEQjzCRxdC6R4d_KEfvOe05osBR7cqtE4W3VRJ7IG2H5j9o9y4uWmEoUis9eUlkZzoxP1tRCxCTkFhoyHZvsnHm5rh_GbszzrLbZOeEYlHBgx1VDYMbJLua-5PXq6hjD7WNq_SUslvE_IaYVarUuQZWDhbpF4-5EdK8Init7ZASZ_s18HpeZbYE_dMFsxqIFS7jsW10biZyjTgB3Mz9PatIwu-vuO-u1wJCjl6sx5Hx898QXs8GDZNzrIEWBQ3cGl1C0UUPBx9_l0ywdONgYfEZA9wrTAPNseN7Bh-UisIt1w6YeDwJxqh1WgLyzugyO52pTyRBAVr7WtiTFvI09ZYBoLs8HafzJgA7kdCqg-1iM_e3l1_WJiR7CgNFYo8g9c94RsTN4_p0MXmWw5YnE6Ks8uyy28ssxLSY185FUx3Om-jo2Ccc-_dnUxYLFyq8REHa6L7YVVLoaK8HX9bl8NKvD79pk4Mn5CyabfXDIVjUHZLFJjiSbuc-1kFyCuCrRYNi5jPLLrbzhfPvFqXid86FFQEFVc0QsCU2YZLI5pg5V4StH9cWjXkhK-Qmp8Q68ORfpc5T1CRkYVW9NYj-GHnf6j2q_l55c0QHBQN_CgXrKhpNGsrnHAFQ2f9g_R_fboKc1oGlZYCYeZiWP3bLvG6-4c7ssMsrzSsswjuLgUeL8tlnO2IxGYfyMBmBunxroQiXzqXK1oUU7bhzymXOEazChKa9v9bzDA25o9Yvh5YP1d4Hj7BZbOKyUG5g7sSnJwQy_QX6S5EJjzTjN8UlHqwgzjo4zaDYQ-m3gdZObTn5j44EMT_iBXxMfQe-VqfPppdMAi1LUNvVsbNQ6GqpHCYJB7YHJmjApopzoNsWMTjGalJs39BynIamgJzvMUgNwZnc48S3vzdsTFeYgrbsi3192GxV3Py7AOq7e4VJpvW9QGg2_pL1etMyovLpP6-COgZt0I8IXVHaIunfCkXfGINatKcx1veMU4oXKWRTauF7XUtEzkjBh5eFKXgk3A2pPe0U4KheEJUf6BCkeXxoUhnUIk4ujNG3M2kIztdBloXGbdas3qXT8y3hL3qHEuvPZv2tNeezTFsMtPDM8DDpmnJuFgVSaMfHN2Q8Kw-BlUYNl2Po6pSF9EwiE_6T9u7zq9aYIajDHHpixocmZhZtcT5qiJL1BBxgwK_5NLLE-31IE8gO_VKkAmBZTZHxjeC3097WRNa5P67w0aNI2i5ML4WkgMQ72k9UQgst5_Y3e_zxYDCYT0o26sXfgjdNt_3ZUnY8Fk59nTS6JnhGnY6EPVE7BMgh6BBDneSWsikBYVdYuP0sp6ec-J69ZCH0OdrlreDjtvPPx_m8HhAmOw602CBEPGCgFqXAKmQC__wC6B9Qjlr07GYauSTR6myHJykZjh2PLNgEiF6MlXgEpIMW4G4_0W1_P_BBaTnNYxfTU2u8khxPnqFvAxewFHyPCgSmtfHMwsWtu4Has8PoIALPCvOi7vhI3UQbpSDMyeaPxWTwZbd2pGLXoB9EvTfJfqzie9WHER7cF-rLLiPYzWynXhPkGVev7SqB8EjspkM6znfncHjXlqCn_M12-ep_l5FJL6dKY0P34ycJJk9SlZ_MVFEFYnGGiE0CQ&cid=CAQSLgCsnQUxr2OGDgEmClDBPpEc5ehYBFw__36PiRRzBp8xWJY0KXceTx2dOefgBeg&rfl=2%2Chttps%253A%252F%252Fwww.kold.com%252F%240

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

defc3b31fc92aba5067fe8162a267d418d1296928c22dd232432b7dc76c7148f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 158C 3 KB
1 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:24:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 158C 141 KB
44 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 158C 17 KB
7 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:31:18 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 158C 42 B
494 B 64ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9_qc3cnygCFpGZZVs3Q8pt96XEYsjXG9TFE5xrhNQOG8W6fhuSHYtSrdrGlZ7FnmaI7wuEkjF_FNLuEH9DNqtlkuMGuRcqa8J0GBEjyOpSyGbXhA

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/ Frame 75E7 78 KB
21 KB 37ms
35ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=k6MR8w3ZCT&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_expanding_rendering_lib_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8b9718d88d74d6f539ebdb4f72470461f941693421e6da6a205b422808523f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 21323
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: Tue, 13 Sep 2022 16:32:38 GMT
last-modified: Thu, 05 Nov 2020 17:51:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2F48 22 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 09:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Sep 2023 09:18:57 GMT

GET
H3 200 7274918930037886235
tpc.googlesyndication.com/simgad/ Frame 2F48 258 KB
258 KB 13ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7274918930037886235?

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e7976f7795a81f10dce7829437edd10c61d19aa4be66438e63b56cc3ba80a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:38:56 GMT
x-content-type-options: nosniff
age: 24822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264404
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 16:09:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 09:38:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F48 141 KB
44 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BDF9 170 B
502 B 79ms
20ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx9fJj0GmWx-mBLTzpw5ZQAABKMAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame BDF9 70 B
265 B 108ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BDF9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJj0GmWx-mBLTzpw5ZQAABKMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJj0GmWx-mBLTzpw5ZQAABKMAAAAB&dcc=t

43 B
568 B

98ms
98ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJj0GmWx-mBLTzpw5ZQAABKMAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: BTRRFT1GF0KT0J0ATRVN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: GM5KWXY11EHRQH770K1W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJj0GmWx-mBLTzpw5ZQAABKMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame BDF9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

43 B
844 B

27ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a515e9492a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQJWkr%2BuTSofjMEZKA2ZHcq5FR78XrytlO9vzXAa%2BMtekbnMdwBI4lTr4AaYxj1j3%2FAMJBVQvMVQHNgqHhS1qPi5HSrRIieFehwnCFHdmUAt6VjxaLYrn8wRXA9fdq4iXhao3SU5SN%2F0Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame BDF9 43 B
220 B 114ms
11ms Image
image/gif 18.194.190.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.190.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-190-42.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 16:32:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame BDF9
Redirect Chain

https://ums.acuityplatform.com/tum?umid=8
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692427341594

43 B
844 B

45ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692427341594
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a50fe2d92a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5mqouH130aOMkfGqMhvX64wmL5Zeo%2BINJaQiUGiW%2FBLk5Zc8uGtzN5D9Uxw7goQgJKnG%2BqWZQ%2FRrFi%2Fs62ja9lQjceHDduW38OYgck555apHP4pJEMQuxxLfl4l72QWLh5Cf2BntxUk9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

access-control-allow-origin: *
content-length: 0
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692427341594

GET
H2 200 ix
ad4m.at/ad/sim/ Frame BDF9 0
0 67ms
17ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame BDF9 43 B
103 B 90ms
20ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx9fJj0GmWx.mBLTzpw5ZQAA%261187
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a509b6fbb8f-FRA
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 176
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 20:32:38 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E45C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

43 B
845 B

35ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a515e9192a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yWG5rflkVH2YwT9Ue9Rb%2BprD%2B1cZPa3%2Bpq9ye4BZND7n6XHYFKm4OoktN57wGbYIKAkuCBEYgdZ9svPuwtNN6KMGbHSKdqebtjBCAR6p%2F7YSa83wrUIFqjcRvNP%2FgTYVlJ2QLl7r5tt3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E45C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJkXRXOIBY9c4eYHh0QAABKcAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJkXRXOIBY9c4eYHh0QAABKcAAAIB&dcc=t

43 B
568 B

100ms
100ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJkXRXOIBY9c4eYHh0QAABKcAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: QTH41HJAGMJ5DNNNBBN2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: YH17S39BHBQKE3TXNXDR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJkXRXOIBY9c4eYHh0QAABKcAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E45C 170 B
232 B 63ms
21ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx9fJkXRXOIBY9c4eYHh0QAABKcAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E45C 70 B
264 B 92ms
37ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E45C 43 B
220 B 124ms
8ms Image
image/gif 18.194.190.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.190.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-190-42.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 16:32:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E45C
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d29e4d80-3fdc-43ba-ac09-fa88a765e1fd

43 B
881 B

43ms
25ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d29e4d80-3fdc-43ba-ac09-fa88a765e1fd
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a50fe2b92a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFHjBZUGE%2FBa3XlqzYevbhJBbzSqFpsBcA8a%2FIsZuKvZlBsWF8JN9056pf9vdXpEzkG45Lz%2BMls4S1pjHqk5AQi8%2FFG7PWO0N2Ikq2UVpCZkYMMomuw2q5l0SrEpD8t4PYdFH2m8K%2Fa0qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d29e4d80-3fdc-43ba-ac09-fa88a765e1fd
date: Mon, 12 Sep 2022 16:32:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame E45C 43 B
408 B 206ms
13ms Image
image/gif 72.251.241.204
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-6
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame E45C
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

23ms
21ms

Image
text/plain

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 11 Sep 2022 16:32:38 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame E45C 43 B
102 B 87ms
19ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx9fJkXRXOIBY9c4eYHh0QAA%261191
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a509b71bb8f-FRA
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 176
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 20:32:38 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9173
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t

43 B
568 B

100ms
100ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: HPBQRM5DA98919GD9047
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: JGG79BZ5SCC3T0G2X7SG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9173 170 B
232 B 77ms
22ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9173
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

43 B
843 B

31ms
31ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a515e9792a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMwD6Ojc5wDGprJTt3aXYb0ndMO5QzGcn27PRqsNKdEazD1VLKbClwvGsmG9Zlno9iCiOHPdwbG0B7tuVW7bwSECkqZ6%2BSi%2BHtp%2BIOdTDCr3lRQujeGeO%2BzcPUKDiUT24BidXQsU0YJowQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9173 70 B
264 B 91ms
37ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9173
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4493630889935331249

43 B
834 B

29ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4493630889935331249
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a511e4d92a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SD4w0u22vK38SahYhZuJo63GgSYULMpjdyv7PhalJiHfW17it8fhj5lBz9pT47zWDZgru2tM2h4ssMi2WVVVv9orLtc2wN5lt7cOgo2eWc5ftnepGQDtxQc3sjmODiKR%2FMx1mBef1fNk2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4493630889935331249
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 9173 0
99 B 147ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAA%261206
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13306

GET
H2 200 Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9173 43 B
1 KB 148ms
34ms Image
image/gif 2a05:d018:d29:3602:330c:6850:f997:69b7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:330c:6850:f997:69b7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 9173
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162867581395166079&uid=Q7162867581395166079&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

13ms
12ms

Image
image/gif

92.123.21.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 92.123.21.100 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-100.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 16:32:38 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 12 Sep 2022 16:32:38 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 9173 43 B
352 B 84ms
19ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx9fJn1Dq3NPYHQ2ed7yWwAA%261206
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a509b79bb8f-FRA
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 176
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 20:32:38 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame CF31
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t

43 B
568 B

101ms
100ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: RNK6WH5359FS6HFHZ277
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: Y0AEQGTDNBJEX7RCMG4E
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame CF31 70 B
264 B 102ms
36ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame CF31
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1

43 B
844 B

29ms
29ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a515e8e92a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG1mzszuJFEHCf5vTH19ra%2FU6fgKAgNbXBr%2F%2FE8oI77hxCzeOeHTfQs%2F0Eeb3u1nf2e6xnF7sH06l8Bx2w%2B0m6zy%2BLV7A4VcOoE0aTyprJ0GDYiWHpLyLqKSazzDeJISotIX5Dntti0jpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CF31 170 B
232 B 55ms
20ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame CF31 0
35 B 322ms
95ms Image
text/plain 54.146.231.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.231.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-231-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame CF31 0
125 B 71ms
10ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yx9fJn1Dq3NPYHQ2ed7yWwAABLYAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame CF31 35 B
263 B 322ms
99ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-servername: Track001-iad
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:06 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-type: image/gif
content-length: 35
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame CF31
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678638758&external_user_id=b9637b86-0071-4bcf-96f3-edfaa17d7408

43 B
844 B

23ms
22ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678638758&external_user_id=b9637b86-0071-4bcf-96f3-edfaa17d7408
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a51bf0892a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnLNOO2B94%2BBpOJaAK8fd85tyZMWNkJFKUKCCu%2FRkWrOcYHKEHYdxRan4VpADgtT%2FiExb7MFN8Fn8exg8CWKTXDq2HTlqhU6NS15qpzGcH8WtsH%2FNYJXXj5Xxe4p824WY6SUALpTiis6pg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 12 Sep 2022 16:32:38 GMT
via: 1.1 google
access-control-allow-origin: *.casalemedia.com
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678638758&external_user_id=b9637b86-0071-4bcf-96f3-edfaa17d7408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame CF31 43 B
103 B 86ms
26ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx9fJn1Dq3NPYHQ2ed7yWwAA%261206
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a509b7bbb8f-FRA
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 176
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 20:32:38 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 12E7
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

96ms
95ms

Document
text/html

34.236.72.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.72.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-72-34.compute-1.amazonaws.com
Software: /
Resource Hash: 79c47417b46a266ca42e19babddbfb31798fdb0dddb300158d3a3f18c7f87712

Request headers

Referer: https://r.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Mon, 12 Sep 2022 16:32:38 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 16:32:38 GMT
location: /um/cs&eq_cc=1

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 75E7 110 KB
38 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=k6MR8w3ZCT&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=k6MR8w3ZCT&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 08:22:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F48 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ-qdyZHzI_Ct6bUoD7ndzocYrvxed4bXEro0pb8CT9derYKHD4FGy3i84BRuhhb35FlCBu0R1xhDPo9BqWyVOTmHgVAIRu9FlV0sQvdM49_qQXfdoURUTI6T1vmqj_J-kUAzuUKWZotMuyFzSSizDz9kyQx5Y3pDkhhigxRJPoqR1k-7TG1jXTle4bKhPhbxGQzyVDYNz0YsIGhVRK0Rbhvs7cGJ4jygQXx_N4LVepwG_3Txupnz6gqiJK7AQv_lt8ZX4OgAuUT1HkVfQR7W5ym38H6NCQbSY1L75e65ngSPO8lvuuJVbul-RKB0ZzfincOGDGw&sai=AMfl-YRQwPKbyfor3F1aWSKxKX8Kq5Za3TIlIwIQm4q5UJB4qI4akI9AxZQLUWPfSqGjbfDB7zkLzzqpRthKj2PO6ADRh12yHrgWllpWJV-DfAk&sig=Cg0ArKJSzGtOU80SHDIEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 158C 106 KB
37 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Origin: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 15:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 15:22:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 158C 8 KB
3 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaXHYslpXOBpw_2CGPCxEhAMWm4qUX-FshjBuBoiFdmKMKB6KqoSC8PMW0r--FHO8xBCQrf82BWY-8r3tZwY1DAUduCg&cry=1&dbm_d=AKAmf-BCpu8clyTEZwQptO1oDY-7zmXsGw8_N1NF-ObcvPKtLKxso2kELQTGvnfNBGCrEOxpQSwTMvWAMo50ktxB6mrkEJwjDaEm1VW-5j72wzEadyojfxdxJfWtO2xWvuFFoISfNVXTxoFf93bqQtJttWorv-dI4RnmCvXFm6EWTI_10lJKWFlln8iQLXXkRjuXnXZ-VV1jLHmzEMnIhhcuFM5SARL_e76nzXbgdBvYkAsmhVR4hrsgL9zPcYb7QSO3MsDzIgiLca87Svsqw14HP8f0TfAbpC_gLtY5NZ82PpstP6DkEXgghiDJSIaBU2hIuSa_JEqEeu9xOc2Tn5A-4cbUB0MhHA_T8VWM9P-djpsORQBYM2Ecwyy5D96Rh8Pc7kywy1UBffgDHQdHO2f_pd03HbvMQP3CkbPeCrxGJzjT-P58iW0wlfbelCyLspwjgsYrlBs607LGKL4BZfKvmseiBG4USDVvj9yPnvW5zYXodZ7cXVnIqk_J4_sBr09QVAPDT6-9iSyiWUQEztBS_FJTIs9LkMIeVJI6rS4Idb-0Mrjt3ICJMamac2Z9iotm6QQOFaqZbZYPDzofxad8xcCT6xBvcQ-bcUj1MTuJnQWAvWxCOqMA02yJaceSMUzVk5fdG1LLB9khZjfAKLST4TIU-3AiRlbEnJ8gKRfgwZi4Zn9VSMF-4NCL_6Ov2rdstSIm4dyk9Sqa9aWA2_h5JZXX-26wF8AdQGWifTzL_A53t4EaVgRlBwSplhRQyTqjzlkntCPnJVhiB7HJKpAbMHOCL2PzQoEyo8FSBLuTs2UCjE-kstbCBKB_zfEA3imsc8MLzT0t4cjDr5JAD2dSHIm_irmfe8w4M53L-djpg94byPzSGD8gnlxCwMVcwBAobPn46chb5bxv_rnZYLEjkOzIuwT4WkoT0dDjZyVtHEbxJ2GkLEBQR6FBJpoOKzgPja0IpCq7u1FXwLcklKsMtuOatQgV_js3xpdVcm-wyF9jv10Z-ThIslj0eHETTUNT1dS_sb70yrCE82ibGuUo44j699RUOlmW7E2QWqQF1SlvFG3m4YjiGzPoLti0Fysf8kL5c_DwqcZo636QMHuEHkxRm5kCifvJ2WQErRNGFwtBP2KjgfpyjFmHWXBt0aDV-Qd4otLGIJBwSMh_10_Dt_XvCJ7B_QQrdPMVmyc7ZsDsSVFpL0ohpKXw365UYoO3WSACAEs_udTXX2v_v3L_owLwtu8edIqscRJs4FzF6Xxh3ADCfRsRXTugCEdFx0sJ5RJqppU1mpUbQiBvfu_lw8LZLk_hOjCYGBPZqd34U81F5KJWI_X545qx5IyTzLFXsww4lxm403uDLn2Bcn5hpCDfbuiSuCmPj9D4XaW2t5TnnPoAu49-4lBBAkOH4EH9oWlJgAMmPKE1J1GUmx7R8OcbFAYL66wUzH4PJYva1osvFhmhqFLABbdLbUyE9yWB2-GOevglcG6cxmPjUT0ZbP6Y0cM1IDGhCpjAe43kugLCXuoDNDj8b_9kr0d52KNcg4ttIcDAqsW6MrlfOk2tRFxEZ4JFfJA3LWRL4cc-zJ1TAXE6VMyhNIve6UX76k6_7UdeDRzRvJmc2q-tF1ckUbDZKZtzB-O0cqB6gVWVLvJoY4y_IRgJerYT6KVoaYPJjHPk6ATlNS9jjQ80LJzUfPMKlynGqXoUeaaK40g65zUsJoObOBBdijAgeWKSHTT6otyuBSwuI0wZQu2f6LrDEQjzCRxdC6R4d_KEfvOe05osBR7cqtE4W3VRJ7IG2H5j9o9y4uWmEoUis9eUlkZzoxP1tRCxCTkFhoyHZvsnHm5rh_GbszzrLbZOeEYlHBgx1VDYMbJLua-5PXq6hjD7WNq_SUslvE_IaYVarUuQZWDhbpF4-5EdK8Init7ZASZ_s18HpeZbYE_dMFsxqIFS7jsW10biZyjTgB3Mz9PatIwu-vuO-u1wJCjl6sx5Hx898QXs8GDZNzrIEWBQ3cGl1C0UUPBx9_l0ywdONgYfEZA9wrTAPNseN7Bh-UisIt1w6YeDwJxqh1WgLyzugyO52pTyRBAVr7WtiTFvI09ZYBoLs8HafzJgA7kdCqg-1iM_e3l1_WJiR7CgNFYo8g9c94RsTN4_p0MXmWw5YnE6Ks8uyy28ssxLSY185FUx3Om-jo2Ccc-_dnUxYLFyq8REHa6L7YVVLoaK8HX9bl8NKvD79pk4Mn5CyabfXDIVjUHZLFJjiSbuc-1kFyCuCrRYNi5jPLLrbzhfPvFqXid86FFQEFVc0QsCU2YZLI5pg5V4StH9cWjXkhK-Qmp8Q68ORfpc5T1CRkYVW9NYj-GHnf6j2q_l55c0QHBQN_CgXrKhpNGsrnHAFQ2f9g_R_fboKc1oGlZYCYeZiWP3bLvG6-4c7ssMsrzSsswjuLgUeL8tlnO2IxGYfyMBmBunxroQiXzqXK1oUU7bhzymXOEazChKa9v9bzDA25o9Yvh5YP1d4Hj7BZbOKyUG5g7sSnJwQy_QX6S5EJjzTjN8UlHqwgzjo4zaDYQ-m3gdZObTn5j44EMT_iBXxMfQe-VqfPppdMAi1LUNvVsbNQ6GqpHCYJB7YHJmjApopzoNsWMTjGalJs39BynIamgJzvMUgNwZnc48S3vzdsTFeYgrbsi3192GxV3Py7AOq7e4VJpvW9QGg2_pL1etMyovLpP6-COgZt0I8IXVHaIunfCkXfGINatKcx1veMU4oXKWRTauF7XUtEzkjBh5eFKXgk3A2pPe0U4KheEJUf6BCkeXxoUhnUIk4ujNG3M2kIztdBloXGbdas3qXT8y3hL3qHEuvPZv2tNeezTFsMtPDM8DDpmnJuFgVSaMfHN2Q8Kw-BlUYNl2Po6pSF9EwiE_6T9u7zq9aYIajDHHpixocmZhZtcT5qiJL1BBxgwK_5NLLE-31IE8gO_VKkAmBZTZHxjeC3097WRNa5P67w0aNI2i5ML4WkgMQ72k9UQgst5_Y3e_zxYDCYT0o26sXfgjdNt_3ZUnY8Fk59nTS6JnhGnY6EPVE7BMgh6BBDneSWsikBYVdYuP0sp6ec-J69ZCH0OdrlreDjtvPPx_m8HhAmOw602CBEPGCgFqXAKmQC__wC6B9Qjlr07GYauSTR6myHJykZjh2PLNgEiF6MlXgEpIMW4G4_0W1_P_BBaTnNYxfTU2u8khxPnqFvAxewFHyPCgSmtfHMwsWtu4Has8PoIALPCvOi7vhI3UQbpSDMyeaPxWTwZbd2pGLXoB9EvTfJfqzie9WHER7cF-rLLiPYzWynXhPkGVev7SqB8EjspkM6znfncHjXlqCn_M12-ep_l5FJL6dKY0P34ycJJk9SlZ_MVFEFYnGGiE0CQ&cid=CAQSLgCsnQUxr2OGDgEmClDBPpEc5ehYBFw__36PiRRzBp8xWJY0KXceTx2dOefgBeg&rfl=2%2Chttps%253A%252F%252Fwww.kold.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:31:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 158C 30 KB
12 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11782
x-xss-protection: 0
server: cafe
etag: 11425859616848618248
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:31:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F48 0
0 53ms
47ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvl0v1jeUQ2RDc5uab7mX_TxfK6RBejnIsDIVpgqo8HeU1ned9RQSPQP_GowLb_vbrGU4nI8PbBTcMWpWwwGmeHNTe5HMEHKm_lEM2GwoePYo7j8RtlJP_ZM900NnGdx0MgDctqRjm9aqfMWO2TMBD2YOPJbNasSWqrJzbrvLDU23it9cN3nU8LROIW05ziWmxrVpv8V2Y7yynZRkf8O8gcKxiVEhuswtJx_FntKJL4KQ0YRMeJWaGDfscXDJfdB8MrAmuEAiOJeENY0oIzgHSy_LnroXY9l-uhgJRniRC886ws8pr35lzzvICYbNezOlVD5yUVw6Tj&sai=AMfl-YRonYtYIPsM7SZaaZLKkeCpRImTBFXQmcZI11QFCje2ZmfSlsSycQb4DHmr8n3YLTBtwoCRW5C54DUz0EZD_V2499CG0sVUpmAfrDgfV7c&sig=Cg0ArKJSzLl241-kUKmQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
DATA 200
OK truncated
/ Frame 2F48 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66a215aa355f528bc8815451ddef5039643d3a4384cfb6133b34c5626c1cb676

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BEF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1

43 B
843 B

31ms
30ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVwV7ebWEeygE9Wa7D2WDwgiAeW1IETkGE0x7nM7dd-fRcOxs7fWrc-ytkuooco8fx4OLobnwE4yIy9R06YJTfgGEfJSO_DvGRvU2HNZuPbV-EkAWi215Kg6x4QEpCfuATa7Rn0gFCWyMY-dRSCtApe0WW05O39IbgMo0r_e4xHZlo_D_g
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a515e9692a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rK7dknw%2FsvvBfpRx%2FeA3n21R2ZcaE7Hne5iOveXKAAfnRMCHiruzNE7jJuJYdBrEepTJL51XhRl4qTKMvM3PCkR2eo%2BJf3SahfaGZwhvUONggSisKuNFwRSkBo2EUjpv1xhgh0R%2FrUM37Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BEF2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx9fJn1Dq3NPYHQ2ed7yWwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1

43 B
845 B

26ms
26ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVwV7ebWEeygE9Wa7D2WDwgiAeW1IETkGE0x7nM7dd-fRcOxs7fWrc-ytkuooco8fx4OLobnwE4yIy9R06YJTfgGEfJSO_DvGRvU2HNZuPbV-EkAWi215Kg6x4QEpCfuATa7Rn0gFCWyMY-dRSCtApe0WW05O39IbgMo0r_e4xHZlo_D_g
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a51bf1392a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEyflKSUJLoXWx5vVwZ8WlJDyyVhCTSTyC%2FdDOSp9DMtOXioEDOuyeCBDsijUIkwC3wpxZojVtvAaiJTI%2Bt%2Bf%2Fv2GLrhMRfQw0634atBh0U1hB5AqgUWJy96VXc570bzCDFSQFZiIhQSlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXtyqNWy6_4DqsYjpr853k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BEF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDYuP5IdVTa0eq4liET3dm8&google_cver=1

43 B
1010 B

15ms
15ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDYuP5IdVTa0eq4liET3dm8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVwV7ebWEeygE9Wa7D2WDwgiAeW1IETkGE0x7nM7dd-fRcOxs7fWrc-ytkuooco8fx4OLobnwE4yIy9R06YJTfgGEfJSO_DvGRvU2HNZuPbV-EkAWi215Kg6x4QEpCfuATa7Rn0gFCWyMY-dRSCtApe0WW05O39IbgMo0r_e4xHZlo_D_g

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3960d29c-83b1-4022-bbbd-89a0d2fb848b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDYuP5IdVTa0eq4liET3dm8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEF2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyMjU0NTUzOTQxMDk4MDUxMg%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyMjU0NTUzOTQxMDk4MDUxMg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:38 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 175a488a-c526-456c-bbec-5362b3656a03
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyMjU0NTUzOTQxMDk4MDUxMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3DC4 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:37 GMT
expires: Tue, 12 Sep 2023 16:32:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 75E7 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 75E7 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75E7 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75E7 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75E7 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/ Frame AE7E 6 KB
2 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 376315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1926
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 08:00:43 GMT
expires: Fri, 08 Sep 2023 08:00:43 GMT
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 158C 0
622 B 117ms
57ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7C9GuFVC7HFniDskIzNOslWynYfNwYTRotadO8zXKBmmDaakTBR1R-sf8aaW1qEIjCc4N-jTQoFYXBkwdbwsAB1BiL2nQrPXjuZpLwR0ZjcXMUpuhyX2mDqB1x4jaewBmdVnJRZC5RceDNdS7vGaP0DMFa_n5G1326c8utnJu_d2L5un_DeK3NgF0BjfthLyaoeIR1l5-qVrNiiUoRFvsWhZAylECt5Jfi31KNF2eMXzbSTmasg-PEVVS7G967vz-vGfY24avA6m6ECLfcsf6_iqo6jwgicbQCb4EKTy0lcktn2Vsut5x7d9CZqTkkGy-o8cpsYGjU6up6M7mXkqQJH_RIclurjHNMhGne5D2MIQmvUtygjlI5O-u2aoGqsCpp-IGlekCgKjPYm5m7_SE5s9tdrrUnmPbIxS_EhO2begTV3tb5HTcohoXSNEnvdy7AN-JxM3m1_O5jSH6FxPBLpp0W6BPrr-jsMad8iOuj2WG7CpDzet9JOu9aLzKnSuu-tAKp_6Zyih6UMNRhUu6nQXSeAUPfxL8V1EwJ0cjl9ynjoePAP0SNywEzeJmSURIeBZY7H0w2p9k9bRA4WFDEg71ayYKtc0iOtC1TRMHrMBkTM10w8HKt9opaGoBbdpq4w61LDlmYVTsF1PBWCp_GVAJsnNjwrHGuegCn7cvNxvXv_5fwGb8KqNCohLaDYI7wh-F3i7_JKLhrxu0XQjoASrldw25EGmSbGgSlTYf1I38Y7kSJ5KXTb6stf6V84ORtcSwYfzhoFhDr5cho39-rIAW_huH_FqtDB89xid2XAd95Y21xr_WFfCBcR79yi1HnW3ebaSlgMp-WdFqfdAXp4pFqGyunFARvJslD7Ffgo22arlkHHRsE-q_HM9fRZwbWHR_9_OOqHvKCKZSAa_S4WvyJyc3-XybJ3oW3ZPldGO60BszqpuiJ6mbKjzGOlmvWP1XPZiqGA8g5FGqYq68rJBXj8xtIIEb9DMFJ4Jltp3uYs7TAh7xe-H30S4ku3j-6wK7e8GHOEaGzEFCiN6IjEZjQsA9cwpzzDasxRg97QClI3xVSYNVBfnWI3B40UG0ALncCllmiuZWdGkMMz9SOEHxA6G2MOHq6m8wRsXk-InzxJkGWoWszo1CqqHK8eTdGuW745cL5ixMYGpQ1Z7qRhzuBw9jBaf-GaCy3dkaHqGXEctRGfNEicf7hkZYikDumFXlTzlbVgYA06-zdak6VDvwGG4WAaR8fGAhgsb7M_ln80GTLn254k0oFuTwoBOe-qhdlWP5gAJ8qK_o0weTyyyvIIL4OWxLpdwUj6Ti&sai=AMfl-YSv3tpd2n12rf9yBhvEnTM1tvgaiAqJMhQ93mO6fJeGYvPEUONNr8sfzJsdZp3gxpPrnAD0sI5sYkx-GQveDc-P5otsHWEKWESEI2ZTMEzgxdOsWgTZPQr7IXatVIm6d19OMCJLDVgyA8xDCpfFA64VA4lQtf-GfqWwispQ5iMBzYaH-LZUE0VQ7d719hM78hkpOvhQv9d6-M5ICqTCLl1i9gnRQ7ArajPjwuAf&sig=Cg0ArKJSzOy9LI94TyJ3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&cbvp=1&cstd=150&cisv=r20220907.08635&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 12 Sep 2022 16:32:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 158C 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 158C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e8f53fb4a50896f3f9a0019d9b0eb91b1579a6deedec114b295b02ccf4a4d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/ Frame 3215 12 KB
4 KB 9ms
9ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f0478b231a53d9b32a88dbb1b1c01c07a9709f4353fb67d2571754cb8885434

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 263760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3565
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 15:16:38 GMT
expires: Sat, 09 Sep 2023 15:16:38 GMT
last-modified: Tue, 16 Nov 2021 15:31:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3DC4 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6dptJl8fY6LPAZjjgAfFvKZI6LnLqWzczaKbhg-YqpeWxSoQASD5v8MjYJUCoAG-i5HQA8gBCakCslm5HikGsT7gAgCoAwHIA0iqBKICT9BgDueKImgGBlPAK_ATK9epoJYqOOsMqfWzA8YMZ_ud_d6zGwdKHb6bAosBU8KX2aGwSOgLCil98g7aZCX3HRA794Ip9dbNoIsrhFU5oCU84oCWyMq79K-4HcpC3nrtNUi6Pz_T1d30EdP_2kz-aNop577zjcOQlbn6exdZ60qajAxTFbDtfk1X5BGPLsn02Dfo2nNyeU5gJQoCMwfdoGWqLcMkxY085le-lmQvyfpriSqfELcm-Aq56ylKl4YUFhd9vxRXra6UIkgynOGgSGVT5pSGFs2IOpBRCoJGHwg7Ytia1glW7sS4JUZLfkLWRboAhoitwFmKZralNHaDgAvcgtT8OusHphH7OSgFRB3fG9hvj3w4ltWkuTxp64LGttzABJ_F6dHeA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfq0pUwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQgpKKAtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMKiBQB0BUBgBcBshceChwIABIUcHViLTA4ODMxMjY3MjU3NzMwMjYY2ZAd&sigh=XbbByLflmyk&uach_m=[UACH]&template_id=419
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 3DC4 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:22:00 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AE7E 60 KB
24 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/ Frame AE7E 2 KB
781 B 9ms
8ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 752
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:43 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EAC0 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 290501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 07:50:57 GMT
expires: Sat, 09 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3215 9 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3215 26 KB
10 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:52:24 GMT

GET
H3 200 4812660ad13e5cbb76775d08ba975c04.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/ Frame 3215 72 KB
19 KB 11ms
9ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/4812660ad13e5cbb76775d08ba975c04.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b5932103201fa3c6adfc6a42f5dc59cc9e1094edbc5b244ffc300da1d8c099

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 263760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19202
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 15:31:40 GMT
server: sffe
date: Fri, 09 Sep 2022 15:16:38 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 15:16:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5478 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 15:39:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 3DC4 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:24:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DC4 141 KB
44 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:38 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 158C 0
26 B 67ms
46ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7C9GuFVC7HFniDskIzNOslWynYfNwYTRotadO8zXKBmmDaakTBR1R-sf8aaW1qEIjCc4N-jTQoFYXBkwdbwsAB1BiL2nQrPXjuZpLwR0ZjcXMUpuhyX2mDqB1x4jaewBmdVnJRZC5RceDNdS7vGaP0DMFa_n5G1326c8utnJu_d2L5un_DeK3NgF0BjfthLyaoeIR1l5-qVrNiiUoRFvsWhZAylECt5Jfi31KNF2eMXzbSTmasg-PEVVS7G967vz-vGfY24avA6m6ECLfcsf6_iqo6jwgicbQCb4EKTy0lcktn2Vsut5x7d9CZqTkkGy-o8cpsYGjU6up6M7mXkqQJH_RIclurjHNMhGne5D2MIQmvUtygjlI5O-u2aoGqsCpp-IGlekCgKjPYm5m7_SE5s9tdrrUnmPbIxS_EhO2begTV3tb5HTcohoXSNEnvdy7AN-JxM3m1_O5jSH6FxPBLpp0W6BPrr-jsMad8iOuj2WG7CpDzet9JOu9aLzKnSuu-tAKp_6Zyih6UMNRhUu6nQXSeAUPfxL8V1EwJ0cjl9ynjoePAP0SNywEzeJmSURIeBZY7H0w2p9k9bRA4WFDEg71ayYKtc0iOtC1TRMHrMBkTM10w8HKt9opaGoBbdpq4w61LDlmYVTsF1PBWCp_GVAJsnNjwrHGuegCn7cvNxvXv_5fwGb8KqNCohLaDYI7wh-F3i7_JKLhrxu0XQjoASrldw25EGmSbGgSlTYf1I38Y7kSJ5KXTb6stf6V84ORtcSwYfzhoFhDr5cho39-rIAW_huH_FqtDB89xid2XAd95Y21xr_WFfCBcR79yi1HnW3ebaSlgMp-WdFqfdAXp4pFqGyunFARvJslD7Ffgo22arlkHHRsE-q_HM9fRZwbWHR_9_OOqHvKCKZSAa_S4WvyJyc3-XybJ3oW3ZPldGO60BszqpuiJ6mbKjzGOlmvWP1XPZiqGA8g5FGqYq68rJBXj8xtIIEb9DMFJ4Jltp3uYs7TAh7xe-H30S4ku3j-6wK7e8GHOEaGzEFCiN6IjEZjQsA9cwpzzDasxRg97QClI3xVSYNVBfnWI3B40UG0ALncCllmiuZWdGkMMz9SOEHxA6G2MOHq6m8wRsXk-InzxJkGWoWszo1CqqHK8eTdGuW745cL5ixMYGpQ1Z7qRhzuBw9jBaf-GaCy3dkaHqGXEctRGfNEicf7hkZYikDumFXlTzlbVgYA06-zdak6VDvwGG4WAaR8fGAhgsb7M_ln80GTLn254k0oFuTwoBOe-qhdlWP5gAJ8qK_o0weTyyyvIIL4OWxLpdwUj6Ti&sai=AMfl-YSv3tpd2n12rf9yBhvEnTM1tvgaiAqJMhQ93mO6fJeGYvPEUONNr8sfzJsdZp3gxpPrnAD0sI5sYkx-GQveDc-P5otsHWEKWESEI2ZTMEzgxdOsWgTZPQr7IXatVIm6d19OMCJLDVgyA8xDCpfFA64VA4lQtf-GfqWwispQ5iMBzYaH-LZUE0VQ7d719hM78hkpOvhQv9d6-M5ICqTCLl1i9gnRQ7ArajPjwuAf&sig=Cg0ArKJSzOy9LI94TyJ3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=296&vt=11&dtpt=143&dett=3&cstd=150&cisv=r20220907.08635&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 txt1@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt1@2x.png

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:43 GMT
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2563
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:43 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo.svg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:43 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 33 KB
33 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg1@2x.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:43 GMT
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33919
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:43 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame EAC0 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 13:20:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69C7 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvimzhLtnvd7Xqy_Ot6fF1V99q8CaIpOAnJD-LJzWVVx3jmBcEuI2-5mBj4uFVHk8OnWiydYAE1g_9E3edEbzIzOS2hcaMLQw78OBAVvWmTFUHJ1irE6dwY9PZ5554V_MXIgnlxXVrZLcLL1IsLm2xv6MdZjUkxeWCU3Au373ITzYmNNs4vVBo3kWTeff5c4feu9jXhNrWY1r4U9xEqQkAMPXNYYskQYHIsh33u2tve9Q05yyS8EoKf_tPGauA-DPv0kWwhzxpC0L6SsI-2xsWpMK9tUdB_-sqsY5o9b4kyfAfmRrpt_TPNBV0C8_X4FvYTjw&sai=AMfl-YT9qaps_-0GJzrhuKixa-s56WZOynqP0N00a9wm27eausck_5BMRoPTuXTTSayMX6qO74Eo-DRVo0WCygk01DtA5nE1WysGkveQ_zvJ_nJ0ezAwYeeCQMFxys7UIHE&sig=Cg0ArKJSzMrxqrISTRLzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 69C7 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:24:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69C7 141 KB
44 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 69C7 0
0 18ms
17ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbaEe2imu8FX6sRkGZSevYU6kSjFJ_l_n7vP_JOOVuQL_CzvEuPfDnNXL6KMRyqwI_g_YVAyQ4YbrYGyO0xIdmdrQqXw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 16653647834809933888
tpc.googlesyndication.com/simgad/ Frame 69C7 132 KB
132 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16653647834809933888

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295395be0491744949c2b9cd1fd45424ed72796ce7cd8220ffab768d5ed9bd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:08:48 GMT
x-content-type-options: nosniff
age: 293030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135136
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 21:34:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 07:08:48 GMT

GET
H3 200 container.html Show response
47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F315 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:37 GMT
expires: Tue, 12 Sep 2023 16:32:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3215 3 KB
1 KB 57ms
19ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700|Scada:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/4812660ad13e5cbb76775d08ba975c04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

065fa8ab7b0fc704e99d3144be90153d878027787b6270d6b14de7bc86426b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 16:32:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 16:32:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 16:32:38 GMT

GET
H3 200 dc673661b4088f48fe23b8c40539a9c8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/media/ Frame 3215 13 KB
13 KB 12ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/media/dc673661b4088f48fe23b8c40539a9c8.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b77967609a5cfadd44834dbc5cecb8bea5f96e3b6d6f66cd9fd8702e42390a52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 263760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13116
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 15:31:40 GMT
server: sffe
date: Fri, 09 Sep 2022 15:16:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 15:16:38 GMT

GET
H3 200 40e82b6d03bfe9e9f1951b62e8e28ced.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/media/ Frame 3215 3 KB
3 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/media/40e82b6d03bfe9e9f1951b62e8e28ced.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec4a0e3b847cba3a95956fc16ac0f06090c5e343e3c008c1d224f4c113569720

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 263760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2648
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 15:31:40 GMT
server: sffe
date: Fri, 09 Sep 2022 15:16:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 15:16:38 GMT

GET
H3 200 a8f55c1aa58eb45f81cfa94df7552547.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/media/ Frame 3215 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/media/a8f55c1aa58eb45f81cfa94df7552547.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6623718865651212910/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d6c50140004c0e49d2f04d3846e6d79fde74ef73c346d04ef75b8719d70fd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 263760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1795
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 15:31:40 GMT
server: sffe
date: Fri, 09 Sep 2022 15:16:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 15:16:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 3DC4 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:31:18 GMT

GET
H3 200 359 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1 KB 2060ms
2049ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/359?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a08443367497433dcc9d682f7abb159fc2a91cb5c2cab6c69f55028363921a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"778-/8aCEUAMXRR9H3NTTeUXDH05foA"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 749a0a540969bbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 crum
dsum-sec.casalemedia.com/ Frame 12E7 43 B
843 B 31ms
31ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=07365f69-f611-4e8f-b8a4-9d6a1b476cad&expiration=1670862758
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749a0a53189c92a5-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYnVFCicM%2B4ErttZYd%2BvlfSSLWU70zl%2BsPtD8R9MTMnBGO536yvdgE7xAr3Zrcw9o9P24sKUzQ9sj78Sq2sh1O4CJdW%2F2BdvB7xddg172pzguoNV7p1V%2Fp7RNh9A17rX3YoFePf24vBmBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

OPTIONS
H3 200 359
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 134ms
122ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/359?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 749a0a533b799948-FRA
date: Mon, 12 Sep 2022 16:32:39 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5478
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:38 GMT
expires: Mon, 12 Sep 2022 16:32:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame B7A7 15 KB
4 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed8b1dd84b3d8427bacca74cf55cee3515615326b1c6b1351864dd2b78da3ff5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 108146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3876
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 10:30:12 GMT
expires: Mon, 11 Sep 2023 10:30:12 GMT
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F315 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CARVYJl8fY6mkH_vjx_AP78urqAiHxauXbM3Ry4GXEMz0_KCiMRABIPm_wyNglQKgAbKKwaoByAEJqQLjAj62-9SpPuACAKgDAcgDSKoElAJP0LCjRen0tU3-NmSzxo87kMZ6j7sBXiN0NlVvJ1RbQmnPOZ4vPLmBDEzYKgvKXa6u2aj9FHMtxgIFn1nUQUi877PrJwUg0M3l_WlUAW0p67FM32OP8nYp3YREy7VL_hvtq9-iBei3gbSufTAZQHWMcBPPWIIAxtyKfTZCIRaxIGs8uZuuuRkSxOSix_0TbrDLro37fxpEuraYjAUA6AO5owM92jjgMQwtXBwThIbUMncNPpapKaGFzr97b4OXBfFu66bAw-t6lFE6oIWoDDh1o870sDi5ByDy3SA0b7abByy5GlMyKn89glqWxNRlpuHQa9vnsoD3MdYhqcNZJoXvSIPJRxdyiA50AwX0Nlsg9Mby_33ABO6Q-POUBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENSCPNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTA4ODMxMjY3MjU3NzMwMjYY2ZAd&sigh=GkhKoPvRmT4&uach_m=[UACH]&template_id=419
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame F315 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:22:00 GMT

GET
H2 200 RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v14/ Frame 3215 15 KB
15 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v14/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 00:08:33 GMT
x-content-type-options: nosniff
age: 404645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15104
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 00:08:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3215 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Scada:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 126177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69C7 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJA4pivqH1CZbAIyR5aGs5Y0iAl5ChvxTnuAUUz9yvf9kDmekSllOpeCmPhbD1Mgd8kWBSL57qlplcXCIedcJwH79QQRzR4rNK6wNmFkmXPXWxJHjtBZnsfI9uqSxDncnWkZz8_OpkBrZ6IkBYuDSOcqXagQT_deFR3YDVP8nCDt7CNSw7GhawaVdjnPv8L_CyVJ-z5gzWhD5aXF6FGLKracQlwR952-vlTxRm_WMQAR9ZvwfK2ycyT4R6pKwgnsMwqGW8dKgs0CqFuQXB2wDZQOac2C9B3AE9yTsFUSbxNW49Ce9W3nMPAx_Dd3vTuYICTNwp&sai=AMfl-YSW2k1WdQfJ3wv1aidQ7A-LO8KgULYf0t9XHWzpe3nePYYpSYEIElYxdpeHi6Ten7UjjlefrMZmxZST6fZd1lGX1ZcT2niaOyurW-EkbQdMKzrBlG4e3xyytxgnzDc&sig=Cg0ArKJSzFkFue6nXSneEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 16:32:39 GMT

GET
DATA 200
OK truncated
/ Frame 69C7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46313314a98833c189ea7a3f8ddf03ba87301e1db3b98d5e0bf92f69da73dec2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3DC4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23aaf2985edbf6f38a76c28e210f881fbba56a0c63c66e3f150d3946fe845a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B7A7 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B7A7 26 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:52:24 GMT

GET
H3 200 e6f40d138158e41bbc4290d1d8f9ae48.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame B7A7 84 KB
22 KB 10ms
10ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 14946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22268
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Mon, 12 Sep 2022 12:23:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 12:23:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B2B 143 B
163 B 10ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 15:39:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F315 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:24:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F315 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:31:18 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3215 36 KB
16 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 13:20:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F315 0
0 16ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiuhANH3xXOP-vDsVt5v-RMvkoGQ5nzHDM19C1bx21h6-wzE_Qcb5PxGLN7A5g-qWQt5NO-Lid7V9sB6TwWhu9_ossgA
Requested by: Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F315 141 KB
44 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:39 GMT

GET
DATA 200
OK truncated
/ Frame F315 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1300f8d417007f0f7e116e923bcd0b9aeb88c01398692df03b056c32c5b1fcb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame B7A7 2 KB
540 B 49ms
20ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 15:18:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 16:32:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 16:32:39 GMT

GET
H3 200 5d2621bd596ef5c2c83d009be66f5432.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame B7A7 13 KB
13 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/5d2621bd596ef5c2c83d009be66f5432.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 485944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 07 Sep 2022 01:33:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 01:33:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B2B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
19ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:39 GMT
expires: Mon, 12 Sep 2022 16:32:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3547 0
737 B 14ms
14ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:39 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 693aded0-d592-4ab6-8c4c-6ddf65721706
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 213F 0
737 B 15ms
15ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:39 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 846587a8-0dc1-4455-b4ce-32d79cc30640
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B7A7 15 KB
16 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 126178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H3 200 391f7a7a4277d1f9d837ec833bbc3a24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame B7A7 13 KB
13 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 485943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 07 Sep 2022 01:33:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 01:33:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9330 0
737 B 15ms
14ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:39 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4f8e3e6d-a1f4-44ba-99f5-c0ce20d7a505
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F62 0
737 B 15ms
15ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 16:32:39 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 695cb87b-e725-4b14-9258-42d0a2fa9328
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/graytv-koldnews13/log/3/ 0
297 B 17ms
16ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/log/3/bulk?route=AM%3AAM%3AV&lti=aa_test_for_monitoring_var&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1663000359.217704,VS0,VE9
x-served-by: cache-hhn4078-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/graytv-koldnews13/log/3/ 0
56 B 23ms
22ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/log/3/visible?route=AM%3AAM%3AV&lti=aa_test_for_monitoring_var
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1663000359.219702,VS0,VE9
x-served-by: cache-hhn4078-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
707 B 10ms
9ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 4405
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by: cache-hhn4078-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1663000359.243575,VS0,VE0
date: Mon, 12 Sep 2022 16:32:39 GMT
x-amz-request-id: QQBJB95DTC5C6ET8
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 7
x-cache-hits: 646

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAC0 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bi3upJl8fY-6YF8awx_APh-ajiAcAAAAAOAHgBAI&bg=!5Oel56PNAAZTikH4c4o7ACkAdvg8WiyMq3gxHL_cic15WvFyb8Zs-7E3v0hu1KME02uooR9pGX17MwIAAAE6UgAAAANoAQeZA2p8G3lVEq1rkTuOUNOg2lC6gJMZevGuvM5_ldI5ct3p1cZkDOyG87Xgy4zEuaUnBb8q2bFoUUABUCDxZKHXK1vp3_Xl9RIS6vU6CPVS0cGIpu_UncEX6onO9YVNOFN1Df70qwFu3OY2kbj5mhXqohj5QVCr1UTBHB5xqtD4iXBxe5xZ5IQet2AXMirbz0PHVciiNv8kWncQd64onG1zn389tvCJO7RkXZGrU36b14gr-Mz6yZ1ogYIfHaek08y-9cM2X0UHWpOW67mbV1fEMpxJLoy-wuUXDIKC8wUINK4YHkerpeZWUyiYKKlsm2tTdoaUucmpNg4TzXUrXKK2o-nPhaR87vFhicgnZWc0lmIwJ0B3cbU3Puh5d1n4yHdzZYIJQhK2_Jy07P9UenZReTECZtUbc4nhKIWYmlk02grgUrh6kZqlh4HXjap6GR6Qr8txrt4TPBBDvxSDmUlBIq5CQ4CYf0-XbQi8h9vC2dXVs5HFT8zEkPPOCVhTUMJHaS93aEMmQYsVZv3DgLXFbiGl8YV5B4_mmRzlFcTWTgUv9MXMQDcj6Bp0Xjzs3gxrPrzt_BKly2I3gJTxN5qSgKe8O8TTsvvO73hvv8bIshw3qcLnY3gkfqOMLSkLMfBqB8aTBdcYa7YXS-QFNhTkKN6V0t0R3ES_lO5jRy_9P7JVin_FmqdLOk1zPApFtT1wf-TewDNOzOhsojXL-mJdUc3OYYJL-7vY84Pk2cpvtsKCRcQWjLa7eti4QDczZZb9u8ykaCQitqCzdsfTsOfcE312cq23MY3cNdrzQ9CQFdpbYhsSs8t9YUqiAhTdFZVL-JzMdaPDJ42O6e2_Ih21yrvxji-XNxkWF01dCGHzpChGIs4NzS3UXOYm25GEYRoxZrkoXUk_OTywZ7TJR7glKMMyKT_utymcj4VnKp0ybWZAeq5POB-S6krLOHLvNaTG4PNn5cMWb8xYt43v3fJ0jjqKwLKKVWFvxG70XlyrkaLe1wkMNQUdwzwSsih1pbL2B5mA8UF2ltIzdLIQZBUrgRU8c2vvxQJLmiflF7h7JrEa079Xg6QONYpUWq8j1jHCekwqW99MiE3IwIQTInfLJZkoVO3Ta_q1iAUKw54zAIisgkmgug5gigO4f8NdBXE5ZWsjtf6Zr_7HzN72

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 72ms
55ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7de5b78c27a03edb8a4845ec0e377341e157abe6b565b4206c43d7ed4bc4e90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11090
x-xss-protection: 0

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame B7A7 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 13:20:01 GMT

GET
H3 200 970x90.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/ Frame 75E7 87 KB
87 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/970x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ee1d727cb89b739a9ed11ffaac0cf86f49c719749320168b04e9e29695e3077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=k6MR8w3ZCT&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 05:40:08 GMT
x-content-type-options: nosniff
age: 39151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88667
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 17:51:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 05:40:08 GMT

POST
H2 204 /
684dd311.akstat.io/ 0
200 B 87ms
71ms Ping
image/gif 2a02:26f0:ea:4ba::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd311.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:ea:4ba::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
content-type: image/gif
access-control-allow-origin: https://www.kold.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 12 Sep 2022 16:32:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 94AE 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD8RHkoffsHcvgtBP-h1C_qcosD0uoAeVggns77Hf4q3dH8RzSvL-fFDL-KIxl2sxmp6smKPs7L1NFu5VN43brKtDrqN3Cs18EoDP1HjzL-_HkXM3k&sig=Cg0ArKJSzNKrZ3v5GxdLEAE&id=lidar2&mcvt=1025&p=519,1135,569,1435&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1640516046&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663000365467&rpt=114&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 16:32:39 GMT

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
335 B 175ms
99ms XHR
application/json 34.249.7.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.7.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-7-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e275b8c814bb72eaefaf6f7743c72e1a63d922c50328086ee40e660d84052b25

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
x-server: 10.45.3.13
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ 0
212 B 554ms
176ms XHR
text/plain 35.164.244.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.244.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-244-115.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
387 B 32ms
32ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: ca88cbedc87a953ee6479efea29f0f87f2cf40ca2f30a4c3bb868d6f02e924e0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Sep 2022 16:32:39 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 12 Oct 2022 16:32:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 00C0 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 15:50:08 GMT
expires: Tue, 12 Sep 2023 15:50:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA94 783 B
536 B 67ms
66ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbd7dd9f4374bd901a372d2ab72e4ae88fef776c8970a6a3bfa4c935eb2df81a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7e5MXvpkzHERae2DKTP8AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-7e5MXvpkzHERae2DKTP8AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:32:39 GMT
expires: Mon, 12 Sep 2022 16:32:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 00C0 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 13:20:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA94 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=513852309635256&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1

200
OK

results.txt Show response
kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p4qvrvn00
https://kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

217ms
8ms

XHR
text/plain

95.101.27.37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 95.101.27.37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-37.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 16:32:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Mon, 12 Sep 2022 16:32:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p4qvrvn00
https://fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

119ms
14ms

XHR
text/plain

2a02:26f0:11a::6867:4853
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:11a::6867:4853 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 16:32:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net/eum/results.txt
Date: Mon, 12 Sep 2022 16:32:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 00C0 0
12 B 7ms
7ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vEPyug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F48 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMtiyzQi325eSq66eeRjpTDpwuISWwg6BlXRsUG1WLzaSp0nIiIdLfGoHs6nToWF6jiGOOZQSBEOCQT_EYbJdpXXwe65QBtBSFxxdu-DP5dx6Z_thK&sig=Cg0ArKJSzJ4bc0CRlp0SEAE&id=lidar2&mcvt=1000&p=186,-150,1386,1750&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=19&adk=1329624849&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663000365622&rpt=213&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 158C 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoupz8V7rLG9eCTWWOUjOjZlYZvuZ-L6fDV1jRDQTpqVqWYIsxDLdNEAUPM8l_40buOihKoNzofJYImuEYhIHkc24NMwwrxSRBXgRcwpST--OUPQM0o0ZJ1O8UnSrck_ZXXQF2WA&sai=AMfl-YTySDYEaiKRyIBkaR1DvW4rzdwXoHfk4HwMbEne2fdNfTcXKjyCNuq_HGHmSeXb3B59AFgO6LkO_v0seBsDWg6vQFalbLfEHym37dNX0Q&sig=Cg0ArKJSzLWDOsa0-gYFEAE&cid=CAQSLgCsnQUxr2OGDgEmClDBPpEc5ehYBFw__36PiRRzBp8xWJY0KXceTx2dOefgBeg&id=lidar2&mcvt=1000&p=1109,288,1199,1016&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=788621628&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663000365662&rpt=323&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
180 B 451ms
22ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 453ms
25ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 452ms
24ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 452ms
27ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 450ms
25ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 450ms
26ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 450ms
26ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/ Frame AE7E 1 KB
447 B 12ms
8ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:44 GMT

GET
H3 200 txt2@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 3 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2605
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:44 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 3 KB
3 KB 18ms
16ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2903
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:44 GMT

GET
H3 200 disclaimer@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/disclaimer@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1713
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:44 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 2 KB
1 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:44 GMT

GET
H3 200 bg2@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 32 KB
32 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg2@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32877
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:44 GMT

GET
H3 200 legals@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame AE7E 6 KB
6 KB 20ms
18ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/legals@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 376315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6340
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 08:00:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69C7 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1dumdlS9Ma839SsTMA0grcnJXPoU4HHpqUTwNa1xAidtetBB23rnVZ7aTPtJj59Ou-rcJmBUYMULekJgjvHrGiuC_gWUhapGjOlbJ3vzBECSHAdPN&sig=Cg0ArKJSzG_qvulMiKn2EAE&id=lidar2&mcvt=1000&p=629,1135,1229,1435&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=0.95&vu=1&app=0&itpl=3&adk=1891466339&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663000366124&rpt=179&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=513852309635256&bg=!OjmlOX3NAAZTikH4c4o7ACkAdvg8WpubWlxq0Q7KQsSCtFod8ZrrngkAOZ7I4EZs2-n9fCz0YWVzkgIAAABkUgAAAAJoAQcKAE_d2Z8ONCutb2BZ1p1noToPlRzeltEynA4ivVHDeU9tI14f-Qa6W4FwLtgJlEseLMIBXXIQhWw3gK-q99BKWRknbcWVESqmiGVgVi_rmaNumQLZFV2qXTh7AW8w-Wf0jyY-8sjTxKpLq2mJlmmAwPhjWTwUpJtK3bQWHaFHUKIIqHmUyiy5TEms3mJ00rn4CMPWq3bkc99DdPIhopbUv9RT73jsTWUcjUahDiVQFe1T9A0WNnGGD9QE1SyCi7KT6b4GUf4LlL52dssYQlNv775K_EdL-Z1ULb8d3Rj2KO85EZ0lvRQXElHG59qiF_BBRZrvpnvHXJa6TC_zwwPsgeTdYhNujcsHLRWGWUWJm9mvzxVDS4HfzCbgLrZK-sfTtWuf93KdkFbHL8CMDzzaibKtgpNzfLgrQPXyDRLP_BFIhnKetPuUHq_N0iJzBvAA5HCMdA1OQwe8UZgrhMI_oqFx6fxaizIw6Mq13lkVK_f2Ara3tcGNuH7PJGN7uUScZq7kSLUXiIZZqb7jvRT7YE2i7qHp27mxvYKoDbv9z3l1HnxZleDJmwCUdw7K66nRhaoR94QXApB0nLmy8OV7pFAmofwr0IaXnJhjqtHpERKGjIu2OZmlFCB54W24L0BSmOoKe6hI0k4hE0pQjeev3ijTwcsMu29rfbXAXDtkR7587Rf0eqED7ntyuEF2yTAZEiAdb7qVJCUiYpX9VEkHDjcGlCz1eiHob5uAaIe1Lbcyg53fOJtSn0o6VGYwRoLBrJHwkUIaX1WbjXaavpHrwpvfkgRpJ7yi0FV1Jun1MUCyccJgMATSx9OruC2hoLNKQF2RpBRuHPUOcgipUxjU5lVW4GfwGvXIRxNBP84CM05EkofTeGQ0j1mjSfsItHPm6VTB7ZGDi-Hf7-psCU030q0kg4RgyBtTSME_Nm-aES6JS7ltTLGv58MylBUEd0moWi2K6xCrauidgTIsrdhqXrPB62lpwteK6GLthVpZ7D8vTaO0iUq5qaNwa5IxO8NfSicLA0MvYfu40ulEV2uuwNy2_zC4K9iCWfZamkY0HH3OLh8t8b4s53gRX_cS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 1153
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: 9h5YrrHderO+SXOqHgiSJa+4chw7NI52s/iH/ZTLC1y6ACPsvzCC2VTu68r8azHJi4/UfemKLq8=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
server: AmazonS3
x-timer: S1663000360.052061,VS0,VE0
date: Mon, 12 Sep 2022 16:32:40 GMT
vary: Accept-Encoding
x-amz-request-id: MMBKEV2KZA9RA8NR
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 7
x-cache-hits: 1217

GET
H2 200 / Show response
pips.taboola.com/ 64 B
238 B 31ms
7ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 014a4fd38e88cd8e333a6147e01efb1ad3c1b00e3118ac82c600b3ffc2df7668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:40 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19135-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 572ms
87ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=aa86f630-8aaa-4dbf-bf7a-503b193f8802-tucta18e4a5&uad=74b8942009f393336b393dad1d725947fe03629bd9d58a76eabfc6eaf6762ead
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Sep 2022 16:32:40 GMT
cache-control: no-store
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F315 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssd2kHI2FdhCSUc5y0Y_JxG9ZF3-qryNUiAWOFYoiqLrMfkY3MIKMQINM2lbojEhTLN-QKhURKVNn3t2HUyccvgZd5XDEDDbg2rwxi6U-a8EP04aS1SjFdwpdhpObeKETfykEzgzVuqiRyg&sai=AMfl-YRClNAznOvnnYhuAXa8fpQccMvnAyMu97EGJybSMIqqyfg-TXzT627wsjgetS9yd4PDOsRLOp03-fMVNJPrmThK13xdyMrTXWDyMi8LjZcBzQyuj0yh81mIHT8M&sig=Cg0ArKJSzFnXP496ECAuEAE&cid=CAASF-RopyG8o6rF_QKFgiCSJzbj4RX0RFSP&id=lidar2&mcvt=1000&p=798,278,888,1006&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2340954388&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663000366144&rpt=390&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 16:32:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 704
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 128ms
127ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/704?story_url=https%3A%2F%2Fwww.kold.com%2F&visitor=ryhijkuak1ukwrwg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 749a0a60ef259948-FRA
date: Mon, 12 Sep 2022 16:32:41 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5441
date: Mon, 12 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 17:02:00 GMT

POST
H3 200 704 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
545 B 129ms
127ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/704?story_url=https%3A%2F%2Fwww.kold.com%2F&visitor=ryhijkuak1ukwrwg

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5152b5c1bfe4bfc0f9a800cac307c8ceb449f6fd48ed6b8cf332ccfc0c332c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
content-encoding: br
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-IZieu9xqfPATNrQOWxpGsamH6/M"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 749a0a61b8f9bbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11301
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"2e2f-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 749a0a60ef97bbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 16:32:41 GMT

GET
H3 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11301
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"f2a-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 749a0a60ef99bbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 16:32:41 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 26ms
26ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11301
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 09:44:26 GMT
server: cloudflare
etag: W/"8abb-18321a2e090"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 749a0a60ef9bbbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 16:32:41 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
1 KB 28ms
28ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11301
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"19c7-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 749a0a60ef9cbbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 16:32:41 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81117537-17&cid=311598701.1663000365&jid=493730783&gjid=2088191295&_gid=585617554.1663000365&_u=ACCAgEABCAAAAE~&z=442260214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 16:32:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1010610674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kold.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=493730783&gjid=2088191295&cid=311598701.1663000365&tid=UA-81117537-17&_gid=585617554.1663000365&z=827425357

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 16:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85661
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1144 Show response
api-esp.piano.io/publisher/unattended/ Frame D9E3 138 KB
45 KB 118ms
118ms Document
text/html 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4995efa69f4ecbfe4a7187e5acdb2a1131610b2b1d1f7375f05725366e4db51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000 public
cf-cache-status: DYNAMIC
cf-ray: 749a0a61281bbbd4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 16:32:41 GMT
etag: W/"22682-LExzyUZpIdsk76fZ2i4eHzXaeKY"
expires: Tue, 12 Sep 2023 16:32:41 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

GET
H3 200 css
fonts.googleapis.com/ Frame D9E3 2 KB
539 B 20ms
19ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 15:04:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 16:32:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 16:32:41 GMT

GET
H3 200 mail-logo.png
api-esp.piano.io/public/sdk/v04/assets/ Frame D9E3 18 KB
18 KB 23ms
22ms Image
image/png 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-esp.piano.io/public/sdk/v04/assets/mail-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
cf-cache-status: HIT
age: 11880
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18301
last-modified: Tue, 30 Aug 2022 16:46:14 GMT
server: cloudflare
etag: W/"477d-182efa573f0"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 749a0a634c4cbbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 16:32:41 GMT

GET
H3 200 success.png
api-esp.piano.io/public/sdk/v04/assets/ Frame D9E3 20 KB
20 KB 23ms
23ms Image
image/png 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-esp.piano.io/public/sdk/v04/assets/success.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
cf-cache-status: HIT
age: 11764
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20011
last-modified: Mon, 29 Aug 2022 19:06:55 GMT
server: cloudflare
etag: W/"4e2b-182eaffe498"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 749a0a634c50bbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 16:32:41 GMT

POST
H3 200 w_shown Show response
api-esp.piano.io/tracker/lucid/event/704/1144/ 39 B
519 B 131ms
130ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/event/704/1144/w_shown?src_story=https%3A%2F%2Fwww.kold.com%2F&visitor=ryhijkuak1ukwrwg

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 749a0a641ddfbbd4-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 w_shown
api-esp.piano.io/tracker/lucid/event/704/1144/ Frame 0
0 117ms
117ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/event/704/1144/w_shown?src_story=https%3A%2F%2Fwww.kold.com%2F&visitor=ryhijkuak1ukwrwg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 749a0a635b1f9948-FRA
date: Mon, 12 Sep 2022 16:32:41 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
263 B 9ms
9ms Image
image/gif 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=19&c2=10477191&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1663000368993&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20105.0.5195.102&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1663000363991&ns_ts=1663000363990&ns_ap_cfg=1110101-111-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1663000363991&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.kold.com%2F&c8=Home&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:32:41 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: 17bZkCls5TFqejcpRuA3R5sgFie7ulzmuVMADvjA7aT2mcEDcBvDEQ==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H3 200 391f7a7a4277d1f9d837ec833bbc3a24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame B7A7 13 KB
13 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 485945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 07 Sep 2022 01:33:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 01:33:36 GMT

GET
H3 200 d34ccf238d4bf4e0765398db2e1d9d0c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame B7A7 16 KB
16 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/d34ccf238d4bf4e0765398db2e1d9d0c.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 485897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16534
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 07 Sep 2022 01:34:24 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 01:34:24 GMT

GET
H3 200 d34ccf238d4bf4e0765398db2e1d9d0c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame B7A7 16 KB
16 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/d34ccf238d4bf4e0765398db2e1d9d0c.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 485901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16534
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 07 Sep 2022 01:34:24 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 01:34:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kold.com/	1970-01-20 05:56:43	Name: AKA_A2 Value: A
.piano.io/	1970-01-20 05:56:42	Name: __cf_bm Value: bJSYR1wiyHGFKJ90DmvZWzOthkpKm7glngrKsBgC1_k-1663000356-0-AXP64BKDINvxtfR1ZRizpQLDXnAzpKXzn3TvQk8WJ+5XREt6cFphwh1vuYierWExe5H0cU70DbZTl9njdR6apig=
.kold.com/	1970-01-20 15:25:28	Name: _cb Value: CAi3hhDXi5uSCbVtOT
.kold.com/	1970-01-20 15:25:28	Name: _chartbeat2 Value: .1663000364575.1663000364575.1.BAP1LFcp1kDCHFRrVf2z2EDZCefX.1
.kold.com/	1970-01-20 05:56:42	Name: _cb_svref Value: null
www.kold.com/	1970-01-20 06:39:52	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kold.com/	1970-01-20 14:42:16	Name: usprivacy Value: 1---
www.kold.com/	1970-01-20 15:18:16	Name: cto_bidid Value: YAeqLF8lMkJmNDVwJTJCWlV3cjVMUU0xY01KNUpkaXliS1AwZVV4ZE9adUpnWEFjUTJUeklUVUdMTFlnQmlxYXBlYnYweXJ2MnJFQWxYNkFHUTNKWFp2Wmd6S3RqNEElM0QlM0Q
www.kold.com/	1970-01-20 15:18:16	Name: cto_bundle Value: SKNu1F81ZHpxUWF0UnZOMEJhVjZVVWJZayUyQkNpQzJDM2ZHMWR6TXZIJTJCb3o5VGhCQ3lnZjdlbjBKMk1hS0UlMkJCeWtlSzJnQXhZNW5HNHU1THdpJTJGOFh5OE5DcWtmQjJNWVpCY3JxSSUyQld6TklaTGRHUlZPQVNkVkRyeSUyRjRNTDNaZ0l0Wk9RUQ
.kold.com/	1970-01-20 05:58:06	Name: _gid Value: GA1.2.585617554.1663000365
.kold.com/	1970-01-20 05:56:40	Name: _gat_RMD Value: 1
.kold.com/	1970-01-20 15:32:40	Name: _ga_RN7RQJ27EZ Value: GS1.1.1663000365.1.0.1663000365.0.0.0
.kold.com/	1970-01-20 15:32:40	Name: _ga Value: GA1.2.311598701.1663000365
.kold.com/	1970-01-20 05:56:40	Name: _gat_UA-154518538-42 Value: 1
.simpli.fi/	1970-01-20 14:43:42	Name: suid Value: BB3EC42EC83E4FC983B1CA6395159053
www.kold.com/	1970-01-20 14:42:16	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Daa86f630-8aaa-4dbf-bf7a-503b193f8802-tucta18e4a5
.kold.com/	1970-01-20 15:32:40	Name: _awl Value: 2.1663000357.0.5-ace82c6bb630408b54852a9e3f38dc8f-6763652d6575726f70652d7765737431-0
.adnxs.com/	1970-01-20 08:06:16	Name: uuid2 Value: 3722545539410980512
.casalemedia.com/	1970-01-20 08:06:16	Name: CMPS Value: 1126
.casalemedia.com/	1970-01-20 05:58:06	Name: CMST Value: Yx9fJmMfXyYA
.casalemedia.com/	1970-01-20 14:42:16	Name: CMID Value: Yx9fJn1Dq3NPYHQ2ed7yWwAA
.casalemedia.com/	1970-01-20 08:06:16	Name: CMPRO Value: 1206
.casalemedia.com/	1970-01-20 14:42:16	Name: CMRUM3 Value: 2d631f5f2605a0&bc631f5f2605a00&27631f5f260b40&ce631f5f2605a0&9c631f5f2605a00&e6631f5f262760&f1631f5f2605a0&12631f5f2605a0
.acuityplatform.com/	1970-01-20 14:42:16	Name: auid Value: 692427341594
.acuityplatform.com/	1970-01-20 14:42:16	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQUxROnKimGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFMUTpyoo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.owneriq.net/	1970-01-20 15:32:40	Name: si Value: Q7162867581395166079
.owneriq.net/	1970-01-20 06:11:04	Name: p2 Value: cc
.turn.com/	1970-01-20 10:15:52	Name: uid Value: 4493630889935331249
.yahoo.com/	1970-01-20 14:42:37	Name: A3 Value: d=AQABBCZfH2MCECjGkIXXw9c71xFHgeIMVhgFEgEBAQGwIGMpYwAAAAAA_eMAAA&S=AQAAAj9KzZACu5e12MpIfdKxxrw
.company-target.com/	1970-01-20 15:32:40	Name: tuuid Value: b9637b86-0071-4bcf-96f3-edfaa17d7408
.company-target.com/	1970-01-20 15:32:40	Name: tuuid_lu Value: 1663000358
.adnxs.com/	1970-01-20 08:06:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?chee@o!]tbPl1M>e)ZlrFUfJ+tGXxo7E<0VsF4h<xY0[Sk<T_0zPnL'nOyy!FMvTz[3If)y3KL9D3I?+yt.x*a
.eqads.com/	1970-01-20 08:07:42	Name: EQUser Value: UID=07365f69-f611-4e8f-b8a4-9d6a1b476cad
.doubleclick.net/	1970-01-20 15:18:16	Name: IDE Value: AHWqTUk5l3qlh1W3f-koza_yh1RXrYidP3WtoUjN0bwRGk_obOmldzWmFxRlUvvTOZk
.kold.com/	1970-01-20 15:18:16	Name: __gads Value: ID=a3e350a44c8480a3:T=1663000358:S=ALNI_MZfKNYH1HMyPDHXmy06otw8hgoFlw
.casalemedia.com/	1970-01-20 08:06:16	Name: CMTS Value: 5180
.doubleclick.net/	1970-01-20 05:56:43	Name: DSID Value: NO_DATA
www.kold.com/	1970-01-20 05:56:43	Name: _lr_retry_request Value: true
www.kold.com/	1970-01-20 06:39:52	Name: _lr_env_src_ats Value: false
www.kold.com/	1970-01-20 07:23:04	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-12T16%3A32%3A39%22%7D
.kold.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1663086759494
www.kold.com/	1970-01-20 10:15:52	Name: _pubcid Value: %7B%7D
www.kold.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1663000368418%2C%22visitNumber%22%3A1%7D
www.kold.com/	1970-01-20 14:42:16	Name: pnespsdk_visitor Value: ryhijkuak1ukwrwg
.kold.com/	1970-01-20 05:56:40	Name: _gat Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/6623718865651212910/index.html".
security	error	URL: https://47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/863300823173379816/index.html".
javascript	error	URL: https://www.kold.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.kold.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

47f12e31c1bbb70b825b8fc1b55fb851.safeframe.googlesyndication.com
684dd311.akstat.io
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-esp.piano.io
api.rlcdn.com
bttrack.com
c.go-mpulse.net
cdn.indexww.com
cdn.taboola.com
cdnjs.cloudflare.com
cdnmetv.metv.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
fiaqjiaafmaaakqce3yacgqaabrr6xzh-p4qvrv-3cb855c5c-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gray-kold-prod.cdn.arcpublishing.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
image6.pubmatic.com
images.taboola.com
js-sec.indexww.com
kfpqki27munskyy7l4tq-p4qvrv-b46fca9c0-clientnsv4-s.akamaihd.net
mab.chartbeat.com
match.adsrvr.org
mug.criteo.com
operationchicken.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
polyfill.io
pr-bh.ybp.yahoo.com
px.owneriq.net
r.casalemedia.com
reconditerespect.com
region1.google-analytics.com
rtb.adentifi.com
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
staticcdn.metv.com
stats.g.doubleclick.net
sync.taboola.com
t.pubmatic.com
tag.simpli.fi
tpc.googlesyndication.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
use.fontawesome.com
webpubcontent.raycommedia.com
www.burst.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kold.com
www.metv.com
www.queryly.com
www.tucsonnewsnow.com
x.bidswitch.net
api.rlcdn.com
104.18.18.126
104.18.19.126
13.32.121.17
141.226.224.32
141.226.228.48
142.250.184.230
142.250.185.194
151.101.129.44
154.59.122.79
169.50.137.179
169.50.137.182
172.217.16.194
178.250.2.146
18.194.190.42
185.64.189.226
185.89.210.180
192.132.33.46
198.47.127.19
198.47.127.22
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
216.58.212.130
23.35.236.188
23.35.236.201
23.35.236.247
23.36.162.26
2400:52e0:1e00::863:1
2400:52e0:1e00::864:1
2600:1901:0:3b3e::1
2600:1901:0:ccb0::1
2600:9000:223c:cc00:18:1fcd:351:7bc1
2600:9000:223f:f800:8:48e:53c0:93a1
2606:4700:20::681a:d56
2606:4700:20::ac43:4a81
2606:4700:3033::6815:3f36
2606:4700::6810:2a41
2606:4700::6811:180e
2606:4700::6812:c4c
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c0c::9c
2a00:1450:400e:802::200a
2a02:2638::1c
2a02:26f0:11a::6867:4853
2a02:26f0:3500:12::1730:178a
2a02:26f0:64::214:84a7
2a02:26f0:7100:594::11a6
2a02:26f0:ea:4ba::11a6
2a04:4e42:400::714
2a04:4e42:600::300
2a04:4e42:800::282
2a05:d018:d29:3602:330c:6850:f997:69b7
3.126.56.137
3.33.220.150
34.236.72.34
34.249.7.180
34.95.81.168
34.96.71.22
35.164.244.115
52.217.72.206
52.222.214.127
52.46.128.147
52.73.204.82
54.146.231.30
54.208.44.81
72.251.241.204
92.123.21.100
95.101.27.37
014a4fd38e88cd8e333a6147e01efb1ad3c1b00e3118ac82c600b3ffc2df7668
065fa8ab7b0fc704e99d3144be90153d878027787b6270d6b14de7bc86426b51
072ce4e81ac9a28ba2ce801b147f5088e33425e63d2edc664aa33f1f32787c13
075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c1ae6c99f2f4dd96a622ba3dd3e03241b9969384f4b161a259f24e2c4375f98
0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
0e953d8be3894a05b7263b16d09d44c50aed857b54fe5dd952b3f41478dad8b6
10f22b5a4ced1fcdb4791fe6b2df0d7b01bf237571629b1da96eb341ec7eefa1
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1300f8d417007f0f7e116e923bcd0b9aeb88c01398692df03b056c32c5b1fcb9
140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae
16e7976f7795a81f10dce7829437edd10c61d19aa4be66438e63b56cc3ba80a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1cb9e32ad9fce79b2e64465148a49f922925714bd4d7cdce657ae59b4e3eaa69
1d5430c434b8a0d0a78e945f75844b63e6e3d89dbab6fefc2758741a14d0f5b5
1e8172606badec8c6f6c958eabb81f78ba4eac9ec9abd5cd8650a83e822160da
1f0478b231a53d9b32a88dbb1b1c01c07a9709f4353fb67d2571754cb8885434
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
215902ba2f138be823cdbc08fadf6903c4ee7452f71d425d4f50e795386e4023
21bc5e8a58c3314c31b6a5f2fb9e308027063e653c4cd6ef944f23d8a7d1079d
21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
23aaf2985edbf6f38a76c28e210f881fbba56a0c63c66e3f150d3946fe845a4a
2552e1825bf522ebd1c3df634701a5e9ee49ad261924272bdb10a29d6efcab22
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
295395be0491744949c2b9cd1fd45424ed72796ce7cd8220ffab768d5ed9bd52
29c149a1168f34acbe61e1783237cbfff79913653080c87bbc1fc970fbbcce75
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2b5152b5c1bfe4bfc0f9a800cac307c8ceb449f6fd48ed6b8cf332ccfc0c332c
2b561232d6686611c057eef4a1b0b37438eebaa5f212f7fb00d208d49277974a
2d3989504c349c740bf360831b0cb07127fe9683f8c5405e6dc90423c77228aa
2df823cd9f5cc5e07a9938f023c1d85058e5033132e977757e9f3870a9e60799
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3108a08e169be8e2b1246aeb92bddf2128937f96cc5be3472f6d73a083d23699
339437c6a5c2522973d4eeb5be0ccc1c8c911129ac100f84bf10e26c2efd2486
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
353c5f8fdb83bea0dbf3c470decf933e60a72fd61d05091bcb2be7d5052ad1d4
363bc76c75cd486b049f1d19c49971040660a9913d22e3bfa8af8e7c8ce5c410
39a08443367497433dcc9d682f7abb159fc2a91cb5c2cab6c69f55028363921a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86
46313314a98833c189ea7a3f8ddf03ba87301e1db3b98d5e0bf92f69da73dec2
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4995efa69f4ecbfe4a7187e5acdb2a1131610b2b1d1f7375f05725366e4db51a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c606fe88509725549422c14c85f7c7a88cb0bbae758564659cbbf4cc69ed9ba
4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d
514e7290606e221930c562ddacfefc9d20edc99a7d8be0fa2ff1e63c181c89e6
516df38c3d366a652085d82d924ee67035e6055fe0067fe5edc6600d3f68bf66
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59a04622f5e99182b3c574ab7dcd71ec7584783ed2cbf05d437e72080a261105
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5cdf78d3cd01099efb31f716affd336f6ec3d0659f80ea7696c28886616bf108
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
6129f529e83bcadb6684660b2ebd6d61ae7e6aaa8269d353bc55f90f96f912b1
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66a215aa355f528bc8815451ddef5039643d3a4384cfb6133b34c5626c1cb676
68fb0bd2ca7e319ed2dbb4150b02fd2b83e17a79fe7df918a6c4f854ac7849c4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2d31b22c5fe03ddcc58939f2b17f34482eea6030850b878d6be1d3383e525b
6e056e6833fe59dbb9c5d0aea4d101e57d3c6b21faf5a8fbef40222b171dc7a7
6ee1d727cb89b739a9ed11ffaac0cf86f49c719749320168b04e9e29695e3077
6ff62e5912b95c0c2180027147f4b549a001f0ff111bb405d1db0c4c0a8fb92d
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
721a03fa5b84a64bd27ae64af4f9e909b94f4be62e9cd968eb615b4f6d9ee79d
75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756
797c73c19ec76b7b5c9645641f0745aa60a66cccbb1dcd94a8d7b7a30b5b1460
79c47417b46a266ca42e19babddbfb31798fdb0dddb300158d3a3f18c7f87712
7aab757e2070b49383573d06e611b14aef47a68f97808c4510381adf87aa0730
7b2f6441431e44c2fa924b19b88957348e2fed686d5e30f667b67a92abbb2c21
7bbc3068f2bde3ba4f55bc8a2e25fde7f1b474dacfd1aa3f94da90ddb97430f2
7d0c7578891a2d68a00573b2846bb28bd29e0448c9f44b1571c423eb347ab79e
7de5b78c27a03edb8a4845ec0e377341e157abe6b565b4206c43d7ed4bc4e90e
8013e69343df8727fdd7eeec1c682c1d4d03f7454562eabfba3f6753714cc4a4
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e925f200e1c3cf6fdb79ab69bf940c3df562ce54202ad1816598941230670a
863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b708a36f9e96f299cdce90a1db49298d24d13869e3fd22a3069ad75493b40ab
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8c9e50866b2218b74bf07b2e88110ea4e42cd67c1789129a1d228994f9f44722
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de81724e48d56234c8f39b8f1c92bcec54878f7984b048ea05d309891335ba2
8e8f53fb4a50896f3f9a0019d9b0eb91b1579a6deedec114b295b02ccf4a4d9c
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
92a8ba0e067893b9b18ef4d74ea584f3f06857cc1b96e2fda8e67d0f3d05c111
9334288efd122436a2e9cfdbdc7d375af435f857491dd361c95e649ed498438f
94af4ea73ba59612546b35294590e115ce75a8490bc0d3a74b440060aacdd0e3
94e64e9bc6d7e96a781372aca3abfc1a66eddbadd04a10446816b33db480637f
98692089d29092690e90786055698a3f1edd408aa919b2c7b3309033682e88d0
987ef45056218a6acc24e7b059633ef9a7ca152ed35114627a4219e073745072
98bead1cac77ceefd62cfd857c19311a09d227a33a4b7a183165a4ae5d343bbe
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c78eec7097cbf19114000da0c0ca5e2cc7f30a3d83ff71b9792b4e6c0c4f31
9a25cd45168fd56ffcfab5d6c921dc2b95e3a72a7e6e3daa1d1c8674f2e0d347
9b323045b289df04204bbe451316cc6424b25f3cd54c0715ba4f3b6d87e89889
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a700e5348843e1453c39144a1eb1f1eb2cd30ab684e78222a767541eb75f3d56
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad1498a7b63494d9fb005ed1e32bc35c5aab9a3f94cecc45af77508c8a3a5a50
ad61a748965263a36caec1809125c2487834cc94d875db3b3c35a85cdf1cf450
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af130aa4afb0e14dd94023d6ae7e755fe9f9e4fba999c227bf1578d63a757d2c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39c6e444a38b840877af6f782c78b9514daf617276b9473f2be596f8c577b1a
b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208
b54e80a2760bde6237fd579eab294deec23c2b29f14c4d224a59d8bd76596d39
b67f1d3eeb11eb53d6604f5e51e2d71e3a65eb376289158ffac3b2a0e22edc4b
b77967609a5cfadd44834dbc5cecb8bea5f96e3b6d6f66cd9fd8702e42390a52
b8ec1cc9eefba4a54562f24cd80121e505c0c7f36c4e86ed48236c5b86c9c1cf
b9d6c50140004c0e49d2f04d3846e6d79fde74ef73c346d04ef75b8719d70fd8
ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c1b2d52ccdd512aa9d114820047edfa0d041cc56d0f719d51ae332d1f4de5e47
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23cfc9f0714dc2a044f943226120d3dad076ee293af28f24dd3da9963455aaa
c46b0f3202b6ed3de261c7db6330ada35ebe706b9aa54266fbb843a727bbd0b2
c4b5932103201fa3c6adfc6a42f5dc59cc9e1094edbc5b244ffc300da1d8c099
c51a7ad83a8c8e34f5176021e33ba259dd545c9f5477afcbcc745b7581ca7d6e
c81e46ec29f04dd5f649c435a146e58114059537a62790af29f621096026671a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
ca88cbedc87a953ee6479efea29f0f87f2cf40ca2f30a4c3bb868d6f02e924e0
cae5d11c6e8d98a6c941ae3d65fa87efba11f9f61d517f01766729a549177bcb
cb988e76688015eef050b472600d50ac35a700afc560b0902a31e4213dc4efce
cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
ce8b9718d88d74d6f539ebdb4f72470461f941693421e6da6a205b422808523f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08dd909585b451a026b3d16789e8a1927f218ab366c90e9e88f023a4c3034ee
d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8
d47ea497ed40ad6af2e33fa01b0ffcaf3a9eb67170b821194ae8380ba61152c1
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d703212e12ffcc70403adaae7d72eae71928d44d1b6bf73575b3d455c1a6bb3c
d7bc06dbfec64427b00e9dfb01ee14adde86549b51bf6a9dbe7a9aeabbc5b5c9
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da2b1186ad233d62946ccf364963cfa1d5a73766b78fbeeb4134172675f42b03
dbd7dd9f4374bd901a372d2ab72e4ae88fef776c8970a6a3bfa4c935eb2df81a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defc3b31fc92aba5067fe8162a267d418d1296928c22dd232432b7dc76c7148f
e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d
e275b8c814bb72eaefaf6f7743c72e1a63d922c50328086ee40e660d84052b25
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e6533978ddf6d9eadec6481e1f56d8b62d731f809de8ad47ad02b98120811055
e67a55a2683aa57e1311058128f48cdea7862ef8d1890fad8ecfe7707858b443
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec4a0e3b847cba3a95956fc16ac0f06090c5e343e3c008c1d224f4c113569720
ed8b1dd84b3d8427bacca74cf55cee3515615326b1c6b1351864dd2b78da3ff5
edefbb5bafbee7ae033639db39b94b1dc77540675dcda9daf488777f2bdfaedb
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb
fd1d4d1fb41a767817884d4a6abf5ce992848d6eb6aec4d402589a81d94b8fed
ff4dae67065454b29d33c329f68e3668ccc8d2d9f3d466d911e2ae0972f160a2

www.kold.com Open in urlscan Pro 2a02:26f0:3500:12::1730:178a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

334 Requests

92 %HTTPS

51 %IPv6

57 Domains

91 Subdomains

78 IPs

10 Countries

5413 kBTransfer

12737 kBSize

45 Cookies

26 Outgoing links

Page URL History

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kold.com Open in urlscan Pro
2a02:26f0:3500:12::1730:178a Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

92 %
HTTPS

51 %
IPv6

57
Domains

91
Subdomains

78
IPs

10
Countries

5413 kB
Transfer

12737 kB
Size

45
Cookies

334 HTTP transactions
11 data transactions