Submitted URL: http://geissblog.de/
Effective URL: https://geissblog.koeln/
Submission: On February 03 via manual from DE

Summary

This website contacted 48 IPs in 10 countries across 36 domains to perform 291 HTTP transactions. The main IP is 104.26.4.190, located in United States and belongs to CLOUDFLARENET, US. The main domain is geissblog.koeln.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2020. Valid for: a year.
This is the only time geissblog.koeln was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:8d8:100f... 8560 (IONOS-AS ...)
74 104.26.4.190 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 35.190.72.53 15169 (GOOGLE)
1 92.51.173.106 61157 (PLUSSERVE...)
4 143.204.93.3 16509 (AMAZON-02)
1 2001:780:12e:... 12337 (NORIS-NET...)
1 85.159.214.153 63949 (LINODE-AP...)
1 3.17.116.255 16509 (AMAZON-02)
1 192.0.77.32 2635 (AUTOMATTIC)
1 92.51.173.91 61157 (PLUSSERVE...)
1 145.239.0.62 16276 (OVH)
1 37.157.6.245 198622 (ADFORM)
1 2 172.104.157.168 63949 (LINODE-AP...)
1 80.82.217.101 24961 (MYLOC-AS ...)
3 143.204.93.122 16509 (AMAZON-02)
2 2a00:1158:100... 8972 (GD-EMEA-D...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 35.190.63.234 15169 (GOOGLE)
4 54.172.220.77 14618 (AMAZON-AES)
2 151.101.113.194 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 151.139.128.11 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 146.20.132.64 27357 (RACKSPACE)
41 146.20.128.101 27357 (RACKSPACE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 3 37.252.173.27 29990 (ASN-APPNEX)
1 104.108.145.8 16625 (AKAMAI-AS)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 20 2.18.234.233 16625 (AKAMAI-AS)
3 54.204.53.197 14618 (AMAZON-AES)
6 9 3.123.110.9 16509 (AMAZON-02)
2 2 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 3.124.119.192 16509 (AMAZON-02)
2 3.126.56.137 16509 (AMAZON-02)
22 104.108.144.214 16625 (AKAMAI-AS)
3 10 35.244.159.8 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 185.64.190.75 62713 (AS-PUBMATIC)
7 2.18.233.180 16625 (AKAMAI-AS)
2 3.139.146.156 16509 (AMAZON-02)
4 3.123.200.209 16509 (AMAZON-02)
1 185.94.180.123 35220 (SPOTX-AMS)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 72.21.206.140 16509 (AMAZON-02)
291 48
Apex Domain
Subdomains
Transfer
76 lkqd.net
ad.lkqd.net
v.lkqd.net
t.lkqd.net
474 KB
74 geissblog.koeln
geissblog.koeln
2 MB
34 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
255 KB
22 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
151 KB
11 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
7 KB
10 openx.net
vidoomy-d.openx.net
3 KB
8 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads-eu.v.ssp.yahoo.com
8 KB
7 intellitxt.com
images.intellitxt.com
k.intellitxt.com
68 KB
7 apester.com
static.apester.com
events.apester.com
83 KB
4 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
196 KB
4 privacy-mgmt.com
cdn.privacy-mgmt.com
52 KB
3 emxdgt.com
vast.emxdgt.com
993 B
3 adnxs.com
ib.adnxs.com
3 KB
3 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net Failed
312 B
3 googlesyndication.com
pagead2.googlesyndication.com
166 KB
3 gstatic.com
fonts.gstatic.com
37 KB
3 recognified.net
cdn.recognified.net
rads.recognified.net
168 KB
3 googleapis.com
fonts.googleapis.com
2 KB
2 criteo.net
static.criteo.net
58 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
69 KB
2 dergeissbock.de
dergeissbock.de
65 KB
2 adsafety.net
concheck.adsafety.net
cm.adsafety.net
632 B
1 amazon-adsystem.com
s.amazon-adsystem.com
344 B
1 spotxchange.com
search.spotxchange.com
1 KB
1 criteo.com
gum.criteo.com
1 casalemedia.com
ssum-sec.casalemedia.com
315 B
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
1 adform.net
adx.adform.net
649 B
1 steadycdn.com
steadycdn.com
131 KB
1 wp.com
s0.wp.com
3 KB
1 vidoomy.com
ads.vidoomy.com
3 KB
1 h5v.eu
geissblog-koeln.h5v.eu
121 KB
1 steadyhq.com
steadyhq.com
2 KB
1 geissblog.de
geissblog.de
224 B
291 36
Domain Requested by
74 geissblog.koeln geissblog.koeln
41 t.lkqd.net ad.lkqd.net
20 ads.stickyadstv.com 2 redirects ad.lkqd.net
vpaid.springserve.com
cdn.stickyadstv.com
19 v.lkqd.net ad.lkqd.net
16 ad.lkqd.net geissblog.koeln
ad.lkqd.net
12 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
10 ads.pubmatic.com vpaid.pubmatic.com
10 vidoomy-d.openx.net 3 redirects ad.lkqd.net
9 ads.adaptv.advertising.com 6 redirects vpaid.springserve.com
ad.lkqd.net
7 aktrack.pubmatic.com
5 vid.pubmatic.com vpaid.pubmatic.com
4 ads-eu.v.ssp.yahoo.com
4 k.intellitxt.com images.intellitxt.com
k.intellitxt.com
geissblog.koeln
4 events.apester.com static.apester.com
4 cdn.privacy-mgmt.com geissblog.koeln
cdn.privacy-mgmt.com
3 vast.emxdgt.com ad.lkqd.net
3 ib.adnxs.com 2 redirects vpaid.springserve.com
3 pagead2.googlesyndication.com geissblog.koeln
pagead2.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 images.intellitxt.com geissblog.koeln
k.intellitxt.com
images.intellitxt.com
3 static.apester.com geissblog.koeln
static.apester.com
3 fonts.googleapis.com geissblog.koeln
steadycdn.com
2 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
2 vid-io-cle.springserve.com vpaid.springserve.com
2 vpaid.springserve.com ad.lkqd.net
2 ups.analytics.yahoo.com
2 pixel.advertising.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 static.criteo.net images.intellitxt.com
static.criteo.net
2 www.google-analytics.com steadycdn.com
www.google-analytics.com
2 confiant-integrations.global.ssl.fastly.net geissblog-koeln.h5v.eu
confiant-integrations.global.ssl.fastly.net
2 dergeissbock.de geissblog.koeln
2 rads.recognified.net 1 redirects geissblog.koeln
1 s.amazon-adsystem.com
1 search.spotxchange.com vpaid.springserve.com
1 cm.g.doubleclick.net
1 gum.criteo.com static.criteo.net
1 ssum-sec.casalemedia.com geissblog.koeln
1 www.google.de geissblog.koeln
1 www.google.com geissblog.koeln
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cm.adsafety.net geissblog.koeln
1 adx.adform.net cdn.recognified.net
1 concheck.adsafety.net cdn.recognified.net
1 steadycdn.com steadyhq.com
1 s0.wp.com geissblog.koeln
1 ads.vidoomy.com geissblog.koeln
1 cdn.recognified.net geissblog.koeln
1 geissblog-koeln.h5v.eu geissblog.koeln
1 steadyhq.com geissblog.koeln
1 geissblog.de 1 redirects
291 52
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-05 -
2021-08-05
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-19 -
2021-04-13
3 months crt.sh
static.apester.com
R3
2020-12-19 -
2021-03-19
3 months crt.sh
*.steadyhq.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-12 -
2022-11-14
2 years crt.sh
*.privacy-mgmt.com
R3
2021-02-03 -
2021-05-04
3 months crt.sh
*.h5v.eu
Thawte RSA CA 2018
2021-01-20 -
2022-02-11
a year crt.sh
*.recognified.net
R3
2021-01-05 -
2021-04-05
3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-13 -
2021-08-13
a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
joinsteady.com
R3
2021-01-12 -
2021-04-12
3 months crt.sh
*.adsafety.net
AlphaSSL CA - SHA256 - G2
2019-02-21 -
2021-02-21
2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
images.intellitxt.com
Amazon
2020-11-08 -
2021-12-07
a year crt.sh
dergeissbock.de
Starfield Secure Certificate Authority - G2
2020-08-17 -
2021-08-31
a year crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-19 -
2021-04-13
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
events.apester.com
R3
2020-12-19 -
2021-03-19
3 months crt.sh
*.intellitxt.com
SSL.com RSA SSL subCA
2020-11-04 -
2021-12-05
a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-21 -
2021-04-22
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
ad.lkqd.net
R3
2021-01-26 -
2021-04-26
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-19 -
2021-04-13
3 months crt.sh
www.google.de
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.lkqd.net
Go Daddy Secure Certificate Authority - G2
2019-05-13 -
2021-07-12
2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-11-17
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2020-05-18 -
2021-07-17
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-10-24 -
2021-04-20
6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2020-02-26 -
2021-05-27
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.springserve.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2022-09-03
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-12-26 -
2021-06-22
6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2019-03-18 -
2021-03-17
2 years crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA
2019-11-25 -
2022-02-18
2 years crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh

This page contains 41 frames:

Primary Page: https://geissblog.koeln/
Frame ID: AF0A5664877F9D8F345154802FED5894
Requests: 159 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=374341&consentUUID=cbd61669-2f63-41c9-8a97-565696f568d4&requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&preload_message=true
Frame ID: 1E03EC2C63E14A9DD4CE6BF556546F26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html
Frame ID: F9609B7CA0774D263F0B8E4D68616DF1
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: A54C8A9DA5AA2E694B0BB6185F40E4B3
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: EB22A9AF3D11303D0EEA136FCDBF4D6E
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 03B82A0EC97A9E18913663FFAB8AD927
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A41C6DA8003530B5D03983109CC3BE66
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7ED1DE586919F247EF108FEE5BAA3B5B
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9B8BB9FB2302CB8A3D6D0D774466285E
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A86FD0BB2A096362E43DB0B1990332F9
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F08D3DB3D6CDD8E05804DD13F07FBD12
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C2BDF55AE9BB05B469F0D07E12318D3A
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=geissblog.koeln&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Frame ID: EBD040E1EB8839350CC0C94EE6699A67
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_9533396a.js
Frame ID: 24807976DAB4C9946D4A3D8B530531A0
Requests: 11 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Frame ID: 3A5B4435DC1F675AD5A97681CF04F918
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 52D647EC9951C7BBE51EAF68A7F7D975
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Frame ID: 8567BD6C7CBDED800DEB5B508E2613EA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D20EA7F7F8995CE313E87FC71F7C58C2
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: F0C422AA201E9D466AF7E7E9981D929F
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0A1F3D22BA6D1B5FEEE038F30F41A578
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 42823BD397E1272366DF4B2F073FF5CB
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 854620ADA3A258236262B92A4E8FF577
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A649FF565158E7E3B2964ACD46CA32EF
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F52A561B5F152C9136E88F55698B9978
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_9533396a.js
Frame ID: 0CC6CD59D54204131C31A5CD865149A4
Requests: 12 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Frame ID: 550A1E607F2DD23A08D92ED09029346D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 831F06C797977C38C5174C5C541BB344
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Frame ID: B72E32D65C4BD5A7627DF9F06A2806F6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9738EAB8D37DA8806B76834B0C119B4F
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Frame ID: EDFC86D346C0DEB4F52F2708B41F163E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AD341B772F1C3ADC56821674ED6A5D40
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 2EFC6625F06AD95DAB97256018E080D5
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 0780B34C7194FC71F0CF0BD908B703AC
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6377C0ED21E2A226D4736CBBF0F8D6B7
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 904CF21730F8000DCAD4D3ED87D389CB
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: DE109521403EE254BCFF5778F3564E86
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F568870A7FF49C9C155001B062852528
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9E401A96090072437956DEB9BCA2E418
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7B32D3B0DB5B67E7EE4BF7DCFC92F28D
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8481E6FE64143A2681C2A8970194AAEE
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 10FC786CBF098D5131A88E4636659743
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://geissblog.de/ HTTP 302
    https://geissblog.koeln/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

291
Requests

97 %
HTTPS

32 %
IPv6

36
Domains

52
Subdomains

48
IPs

10
Countries

3922 kB
Transfer

10257 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geissblog.de/ HTTP 302
    https://geissblog.koeln/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://rads.recognified.net/cm/ HTTP 302
  • https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b
Request Chain 130
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fk.intellitxt.com%2Fcsync%2F0%2Fappnexus%2F%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fk.intellitxt.com%252Fcsync%252F0%252Fappnexus%252F%2524UID HTTP 302
  • https://k.intellitxt.com/csync/0/appnexus/5163634086831496560
Request Chain 140
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 143
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=289940278&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAa50acfac-665f-11eb-98b2-0687339652a0?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
Request Chain 144
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 145
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=449471018&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAa4fcd6a4-665f-11eb-a119-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
Request Chain 147
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
Request Chain 148
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
Request Chain 185
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=907eff9e-b045-4880-a63a-0202abb8e083&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1ODQ0OS4zMjUxOTU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD05MDdlZmY5ZS1iMDQ1LTQ4ODAtYTYzYS0wMjAyYWJiOGUwODM=
Request Chain 187
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=a16d63d2-35a2-4d9b-88d1-4b6824100a9a&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1OTEyMS4wMTQ0MDQ6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD1hMTZkNjNkMi0zNWEyLTRkOWItODhkMS00YjY4MjQxMDBhOWE=
Request Chain 203
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=f31a62e4-1687-4628-b6c3-a41d2956ab0e&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3My43NTI2ODY6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1mMzFhNjJlNC0xNjg3LTQ2MjgtYjZjMy1hNDFkMjk1NmFiMGU=
Request Chain 205
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d00aa25b-f529-45b5-a7d8-521ba7f66b5b&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3NC41NjEwMzU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1kMDBhYTI1Yi1mNTI5LTQ1YjUtYTdkOC01MjFiYTdmNjZiNWI=
Request Chain 238
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1939dbfb9d5c3ac1f8c3e633901aff87&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g030_6925139391862573939 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKtvz_IozzqjpiaHKbxzcSk&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b01c49c-d453-4034-9015-86cc3479a2d3 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YBsJlgAAAJCoXFZV HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YBsJlgAAAJCoXFZV&_test=YBsJlgAAAJCoXFZV HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1f44601b-098f-4600-8e98-90833ff98e5e&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=538953412995131601 HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2776833428396175541 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1939dbfb9d5c3ac1f8c3e633901aff87&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-q6uFQgR1lwTevzkj_LxB3Fyw0yWo7J.RZnAyr929 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4797849&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aaab4810-665f-11eb-9da8-4b9782986078 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
Request Chain 243
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=
Request Chain 244
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 287
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM4ZTk3N2ItMTJiOC02NjYwLTdjMjYtNGE0MmY1MTczMWYz
Request Chain 288
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,

291 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
geissblog.koeln/
Redirect Chain
  • http://geissblog.de/
  • https://geissblog.koeln/
307 KB
45 KB
Document
General
Full URL
https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.23
Resource Hash
2a23beaf4513879e5821fff335370ee59d0175fc87e6dd8a6fabbc76bb44a9d8

Request headers

:method
GET
:authority
geissblog.koeln
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d07d69b02a5d96527cab00f0fba706e511612384652; expires=Fri, 05-Mar-21 20:37:32 GMT; path=/; domain=.geissblog.koeln; HttpOnly; SameSite=Lax
x-powered-by
PHP/7.2.23
x-cache-handler
wp
last-modified
Wed, 03 Feb 2021 18:40:58 GMT
cf-cache-status
DYNAMIC
cf-request-id
080b36641700004c3d43874000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V47l8Xpu2uBPIK%2BwOetn%2BqNTF9LSZAcUoLNJdjs3hRP%2BHI0qUrx%2BX8I91jsrgpt%2BWxlj9xezES5sfJOzbycjOa4raondLJJfMUc4v4HCEBA%3D"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
61bef34cfbdc4c3d-AMS
content-encoding
br

Redirect headers

Content-Type
text/html; charset=iso-8859-1
Content-Length
207
Connection
keep-alive
Keep-Alive
timeout=15
Date
Wed, 03 Feb 2021 20:37:32 GMT
Server
Apache
Location
https://geissblog.koeln
css
fonts.googleapis.com/
1 KB
548 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,600,800
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0f4831384e5f952f5be620c856801cbe0f152c7d7e73dedb1716f68ca2a49ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 20:37:32 GMT
server
ESF
date
Wed, 03 Feb 2021 20:37:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Feb 2021 20:37:32 GMT
style.min.css
geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/css/style.min.css?v=0.9.2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8bb2546a86dec43e711b8fa1cc7c58e3cc1bebdd80ccaa96dad4332e7ef27a

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Sep 2020 14:07:55 GMT
server
cloudflare
age
1621
etag
W/"1a61-5af0a3612f356"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P%2B5wMAiNew%2F%2BlNcW9h%2FFBYTfPIThB5CqDe0VDNEjW04zJF%2Fxcvevtv9cscZtCf88iFAEZCTpXFtBTOFnKmBJqw%2BvCq2iXCH1z78n55p4ydw%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e1f554c3d-AMS
cf-request-id
080b3664cb00004c3de7048000000001
bs.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/bs/css/
29 KB
5 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/bs/css/bs.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd347f2e729a461cbb7297358ce65ae9f7bce3d5b3103173d016c532b281d7b

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2920
cf-polished
origSize=29338
cf-request-id
080b3664cb00004c3d18360000000001
last-modified
Fri, 15 Nov 2019 23:29:58 GMT
server
cloudflare
etag
W/"729a-5976af9e74a61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6%2BIkKpXpwjLd10xgMjBSSuEFCWooMnc%2FGC2TPQ3jXOjvqUto6gpkaNRXcBBMUp9EeDgSISbVSU53Yr1mAaMBs5ZkSP8sz6UlPIrebeLyt1s%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e1f574c3d-AMS
cf-bgj
minify
flat-ui.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/css/flat-ui.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b91b31467145ea200a71c5a17d4f43c93cb5b51af4af31c9a7fa0771f2ee8e

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2920
cf-polished
origSize=29185
cf-request-id
080b3664cc00004c3df5076000000001
last-modified
Fri, 15 Nov 2019 23:29:59 GMT
server
cloudflare
etag
W/"7201-5976af9f469bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z45p0RC%2F0jb9M0ybMnlKqz9xeRv5zvh77GGI7U3ZaOerxyU3aZ6d%2BA5yZ6vUDAF2AZQDW3gWZfcFx%2B4LzgU8No6PBohMQlluFU6I%2BJoBbPg%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e1f584c3d-AMS
cf-bgj
minify
zocial.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/zocial/
41 KB
21 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/zocial/zocial.css?ver=2.9.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9c1685d5ae2a28a30ce5298102d94630cf547a1bc10427756a05c934476f18

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2302
cf-polished
origSize=46958
cf-request-id
080b3664cc00004c3d00a96000000001
last-modified
Fri, 15 Nov 2019 23:30:09 GMT
server
cloudflare
etag
W/"b76e-5976afa93419f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=89lBqqzjY3iMAsXy4nHhcImLS4ADdTNkMriV3LkD3lwtcJ5AxNd1wyDtrZIkf9CCehT6dGODCq6LvU%2B%2F6kPL8%2BJepFk%2B1FYKz8LY3ligQb0%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e1f5a4c3d-AMS
cf-bgj
minify
ppcore.min.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/ppcore.min.css?ver=2.9.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4353bb5413e2671ebae1e8ab407a4279f471932ac64a582ce8f14dcf18d20b2

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 23:30:06 GMT
server
cloudflare
age
2535
etag
W/"5cc8-5976afa5a0940"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vBmzQxv8KJId4q7qdPbKGXLwZisgLkvFpmBz1ENb2rr9qk655HqlWbnToGFmD1176eFCKIwoC6%2Bi9VnwszHMFzWIcWXtpSd58tIeku2wG8o%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e1f5e4c3d-AMS
cf-request-id
080b3664cc00004c3d16b6a000000001
font-awesome.min.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/font-awesome/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/font-awesome/css/font-awesome.min.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 23:30:03 GMT
server
cloudflare
age
2920
etag
W/"5cbb-5976afa38ecb9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qSPY5%2FU50sp24VVGcyW%2BphIGsyEyMaiisLcDS4dmVSVhHtXRil4LVGc7o8kT6szH1AdrJi5aJ4wtDg7iCxv4Gx0fuznjL0nkfC6y%2FtYgc1w%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e1f644c3d-AMS
cf-request-id
080b3664cd00004c3d4e3f9000000001
chosen.min.css
geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/
11 KB
2 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/chosen.min.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76a875a6a7dd0a8e9f41d7bd5fe385740b81de4c2863c3ace33680de52c1aa3

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 23:29:56 GMT
server
cloudflare
age
2920
etag
W/"2b34-5976af9ce9248"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DMmudoViQKVHHjFkm5DiExE6ESsbpp5cb0uMStrMsXBDBLMA7DLvHcFpX945aB%2BycPz7q7jdMBr251ion6WsIGDHn2xrlYN3ysIwIXUFTrs%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e1f674c3d-AMS
cf-request-id
080b3664cd00004c3dfb351000000001
wpp.css
geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/css/
391 B
524 B
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.2.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2920
cf-polished
origSize=1509
cf-request-id
080b3664cd00004c3d200fc000000001
last-modified
Thu, 10 Sep 2020 22:12:16 GMT
server
cloudflare
etag
W/"5e5-5aefcdc6a6275"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=25yQuljGIp8Tpls7iylaR4hU2VpYplzr2%2Fb3F15m4yzUjfihj8n3o%2BM76FIfgglr0JV5qnFL07tQoR8pfn3qqG6zZU7RRPPKbB%2FUe%2F7osGI%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e1f6a4c3d-AMS
cf-bgj
minify
style.min.css
geissblog.koeln/wp-content/themes/enfold-child/assets/css/
36 KB
5 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74001dbc57074e4f66703a182f03f607140065647c5a3a3658746157d86b42e3

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Oct 2020 12:58:56 GMT
server
cloudflare
age
2952
etag
W/"90cf-5b1144747775f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lccZq3uvTt%2BxWnaY7jzabPtbBXhlWpQEu65wpOTEJ7EeJ3Owzvz6J62rMxACusYYFwOrwlBv0q8cyHqT5nWJhz8MLFOOlZvX5nsguCPKg88%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e1f6c4c3d-AMS
cf-request-id
080b3664cd00004c3d1123d000000001
grid.css
geissblog.koeln/wp-content/themes/enfold/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/css/grid.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0407ab8c80d6b6d290c06dbc87a0fc3f8a48733e3f68384ff461274beae72b77

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2302
cf-polished
origSize=9488
cf-request-id
080b3664ce00004c3d08863000000001
last-modified
Tue, 15 Aug 2017 18:47:11 GMT
server
cloudflare
etag
W/"2510-556cf35008e9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M1vVqO%2B1RRtAHZCzLz7818pAxxW1xOeib%2FrO1oSsmthyqb8AuecrWw7D0JTghJIJkc%2FfyOAu1VboVogpCOoNmlHQdQPtmBydQliv7QL1ogw%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e1f6e4c3d-AMS
cf-bgj
minify
base.css
geissblog.koeln/wp-content/themes/enfold/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/css/base.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57941f510bd6902f2b0f4aa1668ab8cccb87229bd9f4e49994de6e47f51e12c6

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2535
cf-polished
origSize=14862
cf-request-id
080b3664d800004c3d38149000000001
last-modified
Tue, 15 Aug 2017 18:47:10 GMT
server
cloudflare
etag
W/"3a0e-556cf34fe6bba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ZLlHpAloONZtGjAqWK9UYhv%2BGk3Qx0Bea6hIap10nW%2BFrlFYFIehX3ckTaa780BFIbVPO4Lc%2B36hpYyK8y4IWFEC%2FeWedN1qI3tWp884V4%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e2fa44c3d-AMS
cf-bgj
minify
layout.css
geissblog.koeln/wp-content/themes/enfold/css/
96 KB
17 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/css/layout.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad585fea5d77cebd31725e9e17719d38c5c45c6dbbd32372f81204cf88321b45

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2535
cf-polished
origSize=116597
cf-request-id
080b3664d800004c3df634d000000001
last-modified
Tue, 15 Aug 2017 18:47:11 GMT
server
cloudflare
etag
W/"1c775-556cf3504d45c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ldz9bhDCHZNxKzgbu86xmWyfj2dye0YL1wER6ZLiJFTpyfsADo%2BXNyvaofE3skky8O2z%2BQPOySUoHbHfQxSKCCRcx7SPdMq3Eb2jjBqDt1M%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e2fa54c3d-AMS
cf-bgj
minify
shortcodes.css
geissblog.koeln/wp-content/themes/enfold/css/
148 KB
25 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/css/shortcodes.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309c6e8ef5c13a765026d4bccc5bfae616174d9df2b559ae8ea63302035c40c1

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2535
cf-polished
origSize=189730
cf-request-id
080b3664d800004c3d13015000000001
last-modified
Tue, 15 Aug 2017 18:47:11 GMT
server
cloudflare
etag
W/"2e522-556cf3509dd6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VVPJVhyy6UD9Muq89Kq4l9R%2FV3xHN%2BjbMf8YF7MheKhXT5cBDW2IWEQaX2MRm43fJ5%2Fb12sPRuvM%2Bo4EZPYz6YwLY4iTS52GVPCV86CGykw%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e2fa84c3d-AMS
cf-bgj
minify
magnific-popup.css
geissblog.koeln/wp-content/themes/enfold/js/aviapopup/
6 KB
2 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/js/aviapopup/magnific-popup.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903487e9cdcdedbee737f80e2b8f44078441ad98ff1ceea9a8c974945e9e567a

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2535
cf-polished
origSize=7640
cf-request-id
080b3664d900004c3de98fc000000001
last-modified
Tue, 15 Aug 2017 18:47:47 GMT
server
cloudflare
etag
W/"1dd8-556cf372eb9cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LW%2BUZF1h%2FH0rSC4FHMsgQ9U9eCSrRSvyLJtbsOCuF9jafn5tek5tQ1hap1AXxrPGn6QqXeeprTLudzU4IUBLAWuBZPo7oKXjl6r4Nayioa8%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e2fa94c3d-AMS
cf-bgj
minify
mediaelementplayer.css
geissblog.koeln/wp-content/themes/enfold/js/mediaelement/skin-1/
15 KB
3 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/js/mediaelement/skin-1/mediaelementplayer.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0e982047bf2356b38e7edf3ec5004a739f80feaa98c398d85fb52b8b8f5dbc

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2535
cf-polished
origSize=18247
cf-request-id
080b3664d900004c3de6a5e000000001
last-modified
Tue, 15 Aug 2017 18:48:28 GMT
server
cloudflare
etag
W/"4747-556cf39a4273d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yiy5Pg0VeZNOXAcgZykWAnfvrVXbyDJf4VYkFcClfLo%2BOTS37DaF2jWbejaTNvA1dZptcOvDJOhcGtwpvvZ%2BbTDzJYJ%2Bu%2BDILPnREsmleDo%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e2faa4c3d-AMS
cf-bgj
minify
custom.css
geissblog.koeln/wp-content/themes/enfold/css/
84 B
419 B
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/css/custom.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6706ad7dab8c9155c0f17f80b6fc3684c2b453c8e2c72f7e19eeb7e74700346

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2302
cf-polished
origSize=707
cf-request-id
080b3664d900004c3d4e3fb000000001
last-modified
Tue, 15 Aug 2017 18:47:10 GMT
server
cloudflare
etag
W/"2c3-556cf34fda86a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLP8KRJhu8IxATr7sOhrIEvtokv9FvgvDpkyi2C5hO6Xcdn3oT8pKbMIDXtj%2FLGXzvpe8qhUDF51aPAsnPqC3ZLP5OP9OeTc3Jj6eGs4v7A%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e2fad4c3d-AMS
cf-bgj
minify
style.css
geissblog.koeln/wp-content/themes/enfold-child/
0
335 B
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold-child/style.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2535
cf-polished
origSize=267
content-length
0
cf-request-id
080b3664d900004c3d5387b000000001
last-modified
Wed, 07 Oct 2020 12:59:01 GMT
server
cloudflare
etag
"10b-5b114478e443f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vgwUaPbLjF4Y8Ti80NxN9gKmTB7s3Uj0CERyhPWiD4lXLvK6Y7eR7eneHfTqrMSMpNmESDDqF4ahP4%2BpbqNgPUCZlOTs%2B00WxtgnLbWJyUQ%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34e2faf4c3d-AMS
cf-bgj
minify
jetpack.css
geissblog.koeln/wp-content/plugins/jetpack/css/
72 KB
12 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/jetpack/css/jetpack.css?ver=7.1.2
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c4cee8f7b246b0ff524dee98d373fed410980244cbae7b996b816d80eb080ff

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2302
cf-polished
origSize=73791
cf-request-id
080b3664da00004c3ded8e3000000001
last-modified
Sat, 23 Nov 2019 10:44:28 GMT
server
cloudflare
etag
W/"1203f-5980136fa3672"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UR6NDFh5Naz%2FX6mS8HMvhggpzNrbF0TTgQy6uZIF3MHrB9iZoUGWDmEkZom%2F467n6l04%2FgYb%2Fe7LBbn44ojyoK6KGd5TjqdntVitJm6Hl9c%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34e2fb24c3d-AMS
cf-bgj
minify
script.min.js
geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/js/
0
293 B
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/js/script.min.js?v=0.9.2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1743
content-length
0
cf-request-id
080b3664da00004c3df0265000000001
last-modified
Fri, 11 Sep 2020 14:07:55 GMT
server
cloudflare
etag
"0-5af0a361898a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9sX7WBkhd0z8M6AJA6C1LkSoehJ1DQJ4oHZXZfdarbr4k55kP%2F2GKB2pNCA0OMZsb5wRDA2lgRQimhSDDSMpjuliDrNC%2BOzSy2ya6mNqCZE%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34e2fb34c3d-AMS
apester-javascript-sdk.min.js
static.apester.com/js/sdk/latest/
249 KB
79 KB
Script
General
Full URL
https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.53 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.72.190.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
879e3af6287043464e0fcf6d609b1caebe514923a4a4e2ca2d79bd8ee719dbc9

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:23:24 GMT
via
1.1 google
last-modified
Tue, 12 Jan 2021 11:14:26 GMT
server
nginx/1.19.6
age
848
etag
W/"5ffd8492-3e3e5"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
public,s-maxage=942,max-age=942
content-encoding
gzip
alt-svc
clear
content-length
81101
jquery.js
geissblog.koeln/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2920
cf-polished
origSize=96874
cf-request-id
080b3664da00004c3d1294b000000001
last-modified
Thu, 05 Sep 2019 05:55:24 GMT
server
cloudflare
etag
W/"17a6a-591c7f7c1856c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Z%2FwhijNM0VBggMt089yoxPsVvk3QbF%2BputOMvWHy0GHBWpEt6rks8rRwazqfIHGxXwes60XHITNw2KYTaGUME7hL7PV5RbMicpYzdAhLM4%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34e2fb44c3d-AMS
cf-bgj
minify
jquery-migrate.min.js
geissblog.koeln/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 17:37:57 GMT
server
cloudflare
age
2920
etag
W/"2748-556ce3d679ae1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1axhHvqIh4BJkUqfNdBXJsbSAgqWNy%2F%2B7ZKCmtxHJfM3kt2noNuq%2FICXAaFz3vRj%2FJqVYVMltvBb2eaOWA0xoRz5%2FrRcDMLoRXR%2FUG03QEU%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e2fb54c3d-AMS
cf-request-id
080b3664da00004c3d46882000000001
zxcvbn-async.min.js
geissblog.koeln/wp-includes/js/
324 B
497 B
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e1e85997f799693c71ee1ad64cbfb6ca48d4c1f2f9961d79e27b05261110be

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 17:37:38 GMT
server
cloudflare
age
2302
etag
W/"144-556ce3c54cb0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=adE5YpqWiXKAC4kjYK3HL1HIUvqzQSVi8p5CvKDUca5Ec%2BU0jSvSEB2NJ8aQeJh9HQZ8cX876M8qed3s7Sk6SpTGaef6o%2ByH%2Fh4f9V7qZo8%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e2fb64c3d-AMS
cf-request-id
080b3664da00004c3d3f19a000000001
bootstrap-filestyle.js
geissblog.koeln/wp-content/plugins/profilepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/bootstrap-filestyle.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bdfbfff7a24bc7dc4735a7aa4872a98cd780506db5b896abba8b21df4bec236

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4542
cf-polished
origSize=12249
cf-request-id
080b3664db00004c3d2f28e000000001
last-modified
Fri, 15 Nov 2019 23:30:18 GMT
server
cloudflare
etag
W/"2fd9-5976afb151ba9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IqJhqk3jZ6IInZ0p%2FQR%2FFYWE7RbKyWds%2Fp7vA41XmT6a4EGmNGMtPP8%2FMYVAMO32%2Bj85vzEZSrujK9cfiRyjworFHWeauzOAyZp6kUbdlrM%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34e2fba4c3d-AMS
cf-bgj
minify
jcarousel.js
geissblog.koeln/wp-content/plugins/profilepress/assets/js/
19 KB
6 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/jcarousel.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c38f9bba09e4a90a4e66ae16f97f374723520be8f99c5d1c22279526d856f92

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2920
cf-polished
origSize=28627
cf-request-id
080b3664db00004c3df2a93000000001
last-modified
Fri, 15 Nov 2019 23:30:18 GMT
server
cloudflare
etag
W/"6fd3-5976afb1c6ea7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MeP5QPoRvUGqOWdYyhRpE9QIXR5w3krQM34DggSQXm5wlVUjySHXwEksDHkTxft6Si7HPdTInkGeJdGbRBJVohPJujSHuqDyFRG2qRr6oa8%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34e2fbd4c3d-AMS
cf-bgj
minify
sweetalert2.min.js
geissblog.koeln/wp-content/plugins/profilepress/assets/js/
11 KB
4 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/sweetalert2.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356d3bf6231d3e130d390c9c92767564fa1dfc9466ba800199daf931284b5294

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 23:30:19 GMT
server
cloudflare
age
2920
etag
W/"2bfd-5976afb20b465"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BGYeneM7dmehrm%2FmLzv3CB2%2BJzhzICWsxdyphHr%2FDK4nR1ZfZyFosS6rcM8qP%2FtqG4z0UcsT4AazUq92YkJFRSty9M3yw6vRwGOCaXPS5rE%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e2fc04c3d-AMS
cf-request-id
080b3664dc00004c3def828000000001
chosen.jquery.min.js
geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/
28 KB
7 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/chosen.jquery.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e10b02b411e6feee2ea5027b0fa2225421394d9c574d68c35a2669f5ecd625

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Nov 2019 23:29:56 GMT
server
cloudflare
age
2920
etag
W/"6ef0-5976af9cd80d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6zOup7N7Nk5IdTsEsUK6AHbor3Nz4HebuA%2FKnHO54i5Ev1OzLXR70mlqkK82cNRPPDNK%2FqTlpylRRgW20DDZcj9FbUbCw%2FDCyEguKwFSKCw%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e2fc14c3d-AMS
cf-request-id
080b3664db00004c3d1a862000000001
a370d996-53cd-4f31-966f-8bce5607b9d2
steadyhq.com/widget_loader/
4 KB
2 KB
Script
General
Full URL
https://steadyhq.com/widget_loader/a370d996-53cd-4f31-966f-8bce5607b9d2?ver=1.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.51.173.106 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
steadyhq.com
Software
Cowboy /
Resource Hash
0e1f00865632f19af5b67c4364aacef74cedc04f10a0fe31a8cb72a705bcecc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
1821
x-request-id
FmBXTHlZOLsK-x8BqrSi
wpp.min.js
geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/js/
3 KB
1 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.2.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Sep 2020 22:12:16 GMT
server
cloudflare
age
2920
etag
W/"a3a-5aefcdc6a3b65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FAaOyHV9HL%2F4rdEpqw2i505jQlHj3uX%2FEhQdWnxJhtbLTzHEiRGCJP8JYP3aZ88TYg3nLJBjRNUOgwd5hn8utHURjv%2B8gbz4AJ8%2FOyV7xuI%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e2fc24c3d-AMS
cf-request-id
080b3664df00004c3df0267000000001
avia-compat.js
geissblog.koeln/wp-content/themes/enfold/js/
1 KB
908 B
Script
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/js/avia-compat.js?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2413aceda6dd8ed85aee246a26889c17cdfaf2347e673f84915cd9025a54ca4

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2502
cf-polished
origSize=2106
cf-request-id
080b3664dc00004c3d00a98000000001
last-modified
Tue, 15 Aug 2017 18:47:13 GMT
server
cloudflare
etag
W/"83a-556cf352db926"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y6IZQWnT8R%2FzILeNzW3VhDDzptVjX5QbpSKcaapnT0AtCPJnu5l2oIuicSkaZgQCyFuiCrFnpZbaZ76uA2LB0OHx1p3ETI5G3tKWVm3y5iI%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34e2fc34c3d-AMS
cf-bgj
minify
mediaelement-and-player.min.js
geissblog.koeln/wp-includes/js/mediaelement/
153 KB
35 KB
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69aff18e54732eae1bb02c82d045c33f45675b017ba6dfdade80ab63a8e26bc5

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 23:11:38 GMT
server
cloudflare
age
2920
etag
W/"2638f-56cfbc606a8b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wCDkSmCZMbbmBgHtrjITwbS68iKiJgqofC9sxjPvlkzoLlK2mrru7AjIvi7Ww%2FBfEycBGvfjm0w2%2FHZuAs49yOqXNxs1oiSmLUL7725XeZg%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e2fc44c3d-AMS
cf-request-id
080b3664dc00004c3d0b055000000001
mediaelement-migrate.min.js
geissblog.koeln/wp-includes/js/mediaelement/
1 KB
796 B
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a8bf1f2a5d494feca74153daf9a45952a3258b43a93d94f059fc6134650d84

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 23:11:38 GMT
server
cloudflare
age
2920
etag
W/"4a9-56cfbc606a8b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5su9AiDxUiHGp5s5L6B44kp0ZO6MohWMLOcDcwRwfulKqz%2F3FkiNFfXoQdsqC%2BvXfphnro%2BXTOb12d7f0IN8oGI4IFXoG2UZ2t2yPbJPA%2Fk%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34e2fc74c3d-AMS
cf-request-id
080b3664df00004c3d13017000000001
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/
148 KB
43 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b2ee61bcca53f60642717b52fbd8c07d37d0cd5459d9601abafe9ae10ab2c18

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:35:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 21:40:41 GMT
server
AmazonS3
age
127
etag
W/"f093ddcade67ece03b6676d9c8231c9c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lguGyvFQ3xsipvlM99zXk2XnLZb9TDi7NxAI-NW2WhEHIxM8KAKTqg==
moli_1b3bbe6a932b0ee85d2f.js
geissblog-koeln.h5v.eu/36/
345 KB
121 KB
Script
General
Full URL
https://geissblog-koeln.h5v.eu/36/moli_1b3bbe6a932b0ee85d2f.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:780:12e::138 Nuremberg, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
/
Resource Hash
e72d3ff191082ad0628ef5b8e82e7754a15206fa10c3ff75700c3fafc2b59db9
Security Headers
Name Value
Strict-Transport-Security max-age=15638400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
via
1.1 linkerd
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=utf-8
cache-control
public,max-age=315360000,immutable
strict-transport-security
max-age=15638400
accept-ranges
bytes
content-encoding
gzip
x-xss-protection
1; mode=block
rd.loader.php
cdn.recognified.net/
167 KB
167 KB
Script
General
Full URL
https://cdn.recognified.net/rd.loader.php?pub_id=246
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.159.214.153 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li730-153.members.linode.com
Software
nginx /
Resource Hash
5808873c15670e85f2a4c28425e35afdf1f28e9d13468907b13716099d290e4b

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
geissblogkoeln_6497.js
ads.vidoomy.com/
3 KB
3 KB
Script
General
Full URL
https://ads.vidoomy.com/geissblogkoeln_6497.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.17.116.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-116-255.us-east-2.compute.amazonaws.com
Software
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
42c695d173da802764ab3a8cafc72dc7e0e6aa9a1267f27c58b354419f19089b

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:32 GMT
Server
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
2924
wp-emoji-release.min.js
geissblog.koeln/wp-includes/js/
12 KB
4 KB
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/wp-emoji-release.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Aug 2018 05:55:20 GMT
server
cloudflare
age
2301
etag
W/"2efa-5728192ac1904"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eg2VEj2qV2DcCV7D5V55oNIRj4jawuAIjg5uzNxn9zBMcTpJyePane6sUfXdtnnHiwGzkJdbn1Qs305X%2F%2F%2F3Nw7YhPfxebDDyQx24OvJ%2FCk%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f5b034c3d-AMS
cf-request-id
080b36659700004c3d1d2c5000000001
print.css
geissblog.koeln/wp-content/themes/enfold/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/css/print.css?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4886c60ad92f6025d6f745334953547a5537a9c390eb9dd6cd3b6ad8d7b8e7af

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2301
cf-polished
origSize=4605
cf-request-id
080b3665a200004c3df79fe000000001
last-modified
Tue, 15 Aug 2017 18:47:11 GMT
server
cloudflare
etag
W/"11fd-556cf3504110c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PfUHVUwYqD18ULy%2FxurW9H4hAbDA6MizCIB6BSfeXQk%2FXGPF6OuxiJIyKpqFoXT%2FZObIPq0QLrO3sMvuzQ2wSCCNAU6Dd34cmSk%2B2QR6hW4%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34f6b364c3d-AMS
cf-bgj
minify
css
fonts.googleapis.com/
5 KB
693 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
951a46f57bbcd40e1af08b7f7a6d4099abfc7e2934be2393540543a5f8a316c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 20:31:44 GMT
server
ESF
date
Wed, 03 Feb 2021 20:37:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Feb 2021 20:37:32 GMT
jscripts.php
geissblog.koeln/wp-content/plugins/wp-spamshield/js/
783 B
1 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/wp-spamshield/js/jscripts.php
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.23
Resource Hash
1567c856cddcbb3c01d32df57a1c18e1cfc5aed6633cf3e2cb36d6d32fa351d3

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.23
surrogate-control
no-cache, must-revalidate, max-age=0
content-length
512
cf-request-id
080b36651000004c3d121a3000000001
pragma
no-cache
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*,Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D4PiZ0mJ8tyCE6WbJu7F2ecz%2BeT%2BGrp%2F7yEl2SN6zaB4wO4mIyElvPhPYXqImrj%2B1onLbneNVImM9YTmmsatPsZP0uteD9y4aoXh2s5d0ag%3D"}],"group":"cf-nel"}
content-type
application/javascript; charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0, no-transform
cf-ray
61bef34e888f4c3d-AMS
expires
Sat, 26 Jul 1997 05:00:00 GMT
logo-notext.png
geissblog.koeln/wp-content/uploads/2018/08/
129 KB
130 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2018/08/logo-notext.png
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a9d24387fd6ecf7a0f2d411c84c5ee6f6715e262044b7df6a443e43d80a2f4

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4777
content-length
132242
cf-request-id
080b36659700004c3d3c85b000000001
last-modified
Fri, 17 Aug 2018 14:46:40 GMT
server
cloudflare
etag
"20492-573a2a09f84e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TFjBFgdFUMBzXHL77Kw%2Bi5G9iH00pVvLtbBjvj1mHFnynOyDlV%2FKYooWH2Axyb2D4jiVS7AgXBBgtHDAbAjv1g87hle%2B77vARVHFY4f%2BgcA%3D"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f5b054c3d-AMS
_Anschlusstor_Logo_neu_grau_gr%C3%BCner_Ball.png
geissblog.koeln/wp-content/themes/enfold-child/assets/img/
30 KB
30 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold-child/assets/img/_Anschlusstor_Logo_neu_grau_gr%C3%BCner_Ball.png
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ffe55ff97371b9d4206e62591610875ef833cc3fce2ebf0c18a7971c480d30b

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1931
content-length
30414
cf-request-id
080b36659700004c3d20116000000001
last-modified
Wed, 07 Oct 2020 12:58:57 GMT
server
cloudflare
etag
"76ce-5b11447494c1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6xq52oUUIPoyfaQaun%2BKiKrQ8rZIMQnVgGcr6xkrNbih%2B9%2F8UsYJLQKPHlAzYVDZFjH82CKr93MLGJfpifvUmgOWFl%2FJ1HCxR%2Bjz%2Fr4RLQ8%3D"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f5b064c3d-AMS
_Anschlusstor_Logo_neu_wei%C3%9F_gr%C3%BCner_Ball.png
geissblog.koeln/wp-content/themes/enfold-child/assets/img/
30 KB
30 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold-child/assets/img/_Anschlusstor_Logo_neu_wei%C3%9F_gr%C3%BCner_Ball.png
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2926fe86c2990ffa67121178b0089226921b152eb6951b77517835a3d79804cd

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1931
content-length
30371
cf-request-id
080b36659800004c3d4e00f000000001
last-modified
Wed, 07 Oct 2020 12:58:57 GMT
server
cloudflare
etag
"76a3-5b114474f187b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yfpoCdDcVn2J9jFxMaSKG1Qq5I%2BpCBFLkCgz3pJE7567z0OZH6o49gqAw4ZjEt15hmdGPjPItpUljoPet%2BkkWoXPJ6CC9uqTidusdK32dZI%3D"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f5b074c3d-AMS
live_pokal-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
50 KB
50 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/live_pokal-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb9d8dee3132f6ed929ada15bde551fb14556bc70d106865c67df1e910c1991

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6964
content-length
50973
cf-request-id
080b36659800004c3d12962000000001
last-modified
Wed, 03 Feb 2021 10:31:08 GMT
server
cloudflare
etag
"c71d-5ba6c15c823a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AAPGgIVKNIN9d1H%2Bz9jTFrh99VdLhLldK0DN2FWDnsKdF74jGAAg80sYtvDLREJ%2FBaE7EcoLTYJmjnZt0%2BY6%2B9ijy9dSQGHhjJXkaC%2FdDIA%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f5b084c3d-AMS
cf-bgj
h2pri
wolf-wehrle-sauren-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/
42 KB
42 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/01/wolf-wehrle-sauren-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492e3c52a7dca7a3e295d9e9222dd92aa6953330879b5cd47ad1507ef1e17742

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2743
content-length
42669
cf-request-id
080b36659800004c3d2f2a0000000001
last-modified
Fri, 08 Jan 2021 09:11:53 GMT
server
cloudflare
etag
"a6ad-5b85ff2887f8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6XicPc3kkVI0wYxc7vF7lNNqnpX%2B7W0m0juDS3MTuiXokJ2XUTpJ0Zy3rKhoeMqzWBqLCE9OrwL1tFEhKt3H1pe%2BPk9A%2FMDaCov%2Bjv3fe%2Bs%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f5b0a4c3d-AMS
cf-bgj
h2pri
esser-vorstand-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
49 KB
49 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/esser-vorstand-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14d95bf869a40690d57037a66c664c7b14dc0bcf21afa9a6b1695a01ad3b56c

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1658
content-length
50094
cf-request-id
080b36659800004c3d121af000000001
last-modified
Wed, 03 Feb 2021 11:50:21 GMT
server
cloudflare
etag
"c3ae-5ba6d311d7943"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u56bl42PnWFWGtj%2BWO6P%2B6wpnm5i73ACTlOSHqJoDlwFOzD969MIP%2FixVxDjNi76nFD3hwYs06VK51FQws%2F5T67DOl5IYTJtLCqj1xr6RuQ%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f5b0b4c3d-AMS
cf-bgj
h2pri
newsticker-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/
25 KB
25 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/01/newsticker-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe2418b9b19b1e77e916cd81a422923b3dc6d15b5825c28579aef52daee4975

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5874
content-length
25699
cf-request-id
080b3665a000004c3d51b12000000001
last-modified
Tue, 26 Jan 2021 13:21:00 GMT
server
cloudflare
etag
"6463-5b9cd8691cbaa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TO4F%2F0FZUKW%2BsLvG0HYOPRWte%2FCEA3eSqhCu%2F8y9%2BblI%2FJOn6aCPmdQPSAtZLzgmzo3Bh0VIj3Dv1DdETLD2prTOlAsDE%2FsuAWXiZSsIazw%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b1f4c3d-AMS
cf-bgj
h2pri
einzelkritik-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/
52 KB
53 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/01/einzelkritik-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5057c879e4c611b8884e0d731a2a099e0056e6b29d6c9c94e815b25f58b4e7

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2386
content-length
53421
cf-request-id
080b3665a000004c3df2aaf000000001
last-modified
Sun, 31 Jan 2021 21:17:41 GMT
server
cloudflare
etag
"d0ad-5ba38c481be1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lfraB%2F9ocv4yl4RVmjBBfikA0m8APP38xfWCBq0%2BgsRE5AnfdACcMhbzvkymRJ2ZhMGuAk10dGoZNbsyGdYXKV6FeI%2BSRLjU52nApff7qHA%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b234c3d-AMS
cf-bgj
h2pri
20201222-BUC-fckoelnpokal-129-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
46 KB
46 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/20201222-BUC-fckoelnpokal-129-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc7de5018528ebe122169cc075f7ccabeed2b115444e919f2f3288b8dfaebd3

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5006
content-length
46658
cf-request-id
080b3665a000004c3d32875000000001
last-modified
Tue, 02 Feb 2021 09:46:55 GMT
server
cloudflare
etag
"b642-5ba5759d4b4e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p4IoJnUv5MVALijx4UmKJg%2BtW6gKUvcCHj%2B7cjwhko8Ip3aSLyBvluyo1tTS4kYRV1GlY8xUqntBUmee2pC5qrIMxow4Bn6%2FHKcRC8uyNYE%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b244c3d-AMS
cf-bgj
h2pri
20210114-BOP-trainingfc-010-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
56 KB
56 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/20210114-BOP-trainingfc-010-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d681a6179deb9541b37359c50e079cd1b2f7915c7fa9bc60baf52410ad722551

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3819
content-length
57316
cf-request-id
080b3665a000004c3d3c85c000000001
last-modified
Tue, 02 Feb 2021 17:13:44 GMT
server
cloudflare
etag
"dfe4-5ba5d97bd441f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z%2BtKSlTPmj597zFmUPvm%2Bms%2BIUhTQNRqdxcZaNA6QVWxCayVRIzU26TIpvMH0RDDJdK%2FAVYjouQSpEsbEHJI1Q%2BhqqllERqVNQu38nKWauw%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b274c3d-AMS
cf-bgj
h2pri
20210130-BUC-fckoelntraining-108-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
41 KB
41 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/20210130-BUC-fckoelntraining-108-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64867330c618881aba8bdc9963936f5bf1d53f0532a2aee76433286d48329bfe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
840
content-length
42035
cf-request-id
080b3665a000004c3d20117000000001
last-modified
Mon, 01 Feb 2021 10:06:36 GMT
server
cloudflare
etag
"a433-5ba438267fa32"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MA41q3LObn1NK8cUHoZ%2FNkCQWqUDgn9AteYk099w0CJA0yummg6JiQR1UDjUGWoTwhOA3yW2hBrERqcH7NtNhZLIt9Z2%2FFckgLlATFGoXn8%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b294c3d-AMS
cf-bgj
h2pri
kombo-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
55 KB
56 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/kombo-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92d87863aa3dd24afd96b84f15071988babf01efbc1cb87cd205f884d7c6f89

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4641
content-length
56483
cf-request-id
080b3665a100004c3d1bb38000000001
last-modified
Tue, 02 Feb 2021 08:53:38 GMT
server
cloudflare
etag
"dca3-5ba569b47537b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KWl69eazcSZporCYTGhJCoS0djUEcs3MYCamfxkerCP02d8OnfHfCD7k8hYMQI8YGLMqHcfE7hygplS%2Bq0sA4QuTbK4H3K%2FFy9FtB4IbbHE%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b2a4c3d-AMS
cf-bgj
h2pri
20201212-BUC-fckoelnu21vswiedenbrueck-110-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/
36 KB
36 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/01/20201212-BUC-fckoelnu21vswiedenbrueck-110-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b933ec2b1ef7c8740c9b3e2f3e8281de541822fa3aa69dc2946bb3496b1744

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3681
content-length
36404
cf-request-id
080b3665a100004c3def83c000000001
last-modified
Thu, 21 Jan 2021 15:12:18 GMT
server
cloudflare
etag
"8e34-5b96a7f6739b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YK2VAsctwM3tMqw7cXFQoJxxyHTsKY2RtAvujwRM00DKHARD424JPFCkII1H8FZlUC36vsXZNCEBfh9KZ9XQ6kaQsCOQz3zT6DsWVxHpPRQ%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b2b4c3d-AMS
cf-bgj
h2pri
modeste-spinner-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
45 KB
45 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/modeste-spinner-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b09caeba9fd63d6fd8290b55eaf878222fe316ab270197ec3172edc653e1ae

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6277
content-length
45641
cf-request-id
080b3665a100004c3d3d120000000001
last-modified
Mon, 01 Feb 2021 22:35:39 GMT
server
cloudflare
etag
"b249-5ba4df9356014"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uHMhWgzLqLU07uFx4U%2BtMJ9VnzsNWwVTLJfEENppBiI7nhlkMOD5kfTVBlypo3JZRemYtcOmE3QfJ%2BnvX%2FjH87w9o29%2FH855R6pv93hb1LA%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b2c4c3d-AMS
cf-bgj
h2pri
geisspod-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
40 KB
41 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/geisspod-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af01fc2add9ab53a9b3cc0d739ee7ea0c8608b7c6bff8cc9ca44ad9b27e64d46

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4359
content-length
41326
cf-request-id
080b3665a100004c3d11256000000001
last-modified
Mon, 01 Feb 2021 22:08:44 GMT
server
cloudflare
etag
"a16e-5ba4d98e83991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uiGgT7098VkuaGi2nvFkzwe4yWF4091WFmwGKMg2KZ0xYDSRfJitBIM1r674IYdmQvTCkg6yYA9LiOVbhskwahUiXz0PKxlun3IHUxAo%2BEc%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b2e4c3d-AMS
cf-bgj
h2pri
20200930-BOP-trainingfc-045-710x375.jpg
geissblog.koeln/wp-content/uploads/2020/11/
38 KB
38 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2020/11/20200930-BOP-trainingfc-045-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c009465285f72f001f9cccb685bc3f34ae58ecf476105862c7a14c8456d351

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3819
content-length
38888
cf-request-id
080b3665a100004c3d121b0000000001
last-modified
Tue, 03 Nov 2020 11:23:58 GMT
server
cloudflare
etag
"97e8-5b332195cafc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZgzmFrLDlHv5odxVuSUrwgRs%2F5kHuxnsPReOl%2BbuZMcMVmSzzYkTROU8c2fT8xBAAOChUSuOw%2BOd%2F1x2d42wVrWv2K%2BzU3ZRXHUmLvTYn0M%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b2f4c3d-AMS
cf-bgj
h2pri
20210102-BUC-fckoelnvsaugsburg-102-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/
45 KB
45 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/01/20210102-BUC-fckoelnvsaugsburg-102-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482710ea28ed8431d3de1f673789cd84f1487667e3f5978066853588d66fb9e1

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2743
content-length
46168
cf-request-id
080b3665a200004c3df508d000000001
last-modified
Thu, 07 Jan 2021 12:17:32 GMT
server
cloudflare
etag
"b458-5b84e6c9edbdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MJh1n04cUvncQCVLAsbn1yhNhYBi%2BXMiWP8OQtFOemLRVQEQHV9k7JwShcwGc3f8l8JU3j9hjwt5IT9TnyvtGBjauUalRB7Nim5lEO6SRtw%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b314c3d-AMS
cf-bgj
h2pri
20210131-BUC-fckoelnvsbielefeld-115-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/
28 KB
29 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/01/20210131-BUC-fckoelnvsbielefeld-115-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a89513e5c0af25507ec453e7fae8e747598971213d5a665e65eddd2a274df8

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5874
content-length
28943
cf-request-id
080b3665a200004c3df027a000000001
last-modified
Sun, 31 Jan 2021 17:34:42 GMT
server
cloudflare
etag
"710f-5ba35a7148344"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3PPGPxfZAudiaLkkm%2BoIs3JAEVYY4TybliFrDgzbHZtuECuMpN8tnnjnLM62gjpns7hChEb%2B6AGwvUraq%2F2nUd01bsITXU4WJJWev4wzCus%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b324c3d-AMS
cf-bgj
h2pri
esser-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
44 KB
44 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/esser-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d439a24b28c387574f72c2387db2cc61a74bfb2f8c9c2199c543bb5cd82fc342

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5874
content-length
44810
cf-request-id
080b3665a200004c3d17b5e000000001
last-modified
Mon, 01 Feb 2021 14:38:26 GMT
server
cloudflare
etag
"af0a-5ba474e7fe9f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XDCH8iiHPLBlvbN95xCbaAohB7pa2KhBMJywgwzpFKPbaJc6sEaf%2Ft9Og3vIfSNMob3rU0jioQJX%2BBw7zAsO0gXqUjiWWXCHVDaMOgP8zmk%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b334c3d-AMS
cf-bgj
h2pri
20210131-BUC-fckoelnvsbielefeld-118-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/
38 KB
38 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/20210131-BUC-fckoelnvsbielefeld-118-710x375.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856bfa53483ac7c6f78908c5c0e0a0beb48d6486847976f480a2f99af8580877

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4948
content-length
38664
cf-request-id
080b3665a200004c3deab58000000001
last-modified
Mon, 01 Feb 2021 12:36:07 GMT
server
cloudflare
etag
"9708-5ba45991ddfb1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SRSbmU0TMPE%2BQx18Ob%2BqCBcR1XcCPELlOv0eJcW%2BwIXGZdlnKdVQagS26FAx46XhMbw5XpG%2BrLuZrUObMqrxAJ8XA9qHYXJzusR8APfLn3A%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b344c3d-AMS
cf-bgj
h2pri
style.css
geissblog.koeln/wp-content/plugins/eu-cookie-law/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://geissblog.koeln/wp-content/plugins/eu-cookie-law/css/style.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b150d0e7595c7dc3d57192608e357c28a2b3c4947c575968ef94eef996a829f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2920
cf-polished
origSize=3699
cf-request-id
080b36655500004c3d5282b000000001
last-modified
Fri, 15 Nov 2019 23:28:17 GMT
server
cloudflare
etag
W/"e73-5976af3dc5c86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GUSLRcwm4l%2FJhBJGN5BWKowMadoiZceChxf8KDsbn8L7tltfaGf08Pjprw%2FHXIzqg8kCxlSoRR%2BrvA2ZQCTaBHttobQYiKmACSKMxJghAjk%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
cf-ray
61bef34ee9cf4c3d-AMS
cf-bgj
minify
devicepx-jetpack.js
s0.wp.com/wp-content/js/
10 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202105
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
gzip
server
nginx
etag
W/"5841a56f-52b6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.ams _dfw
expires
Mon, 31 Jan 2022 14:26:13 GMT
core.min.js
geissblog.koeln/wp-includes/js/jquery/ui/
4 KB
2 KB
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 17:38:11 GMT
server
cloudflare
age
2301
etag
W/"fa0-556ce3e3f8485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rydHkMRl7HF%2FOCOHoUSUBAnOLBRRtPmStsZ4paH%2BzMg8WhMoCuE4NX6A%2BrtBphW6OhOvfxoO6GLWOOfJzmKrXxyIPoASTGibNTyL1OsCQQg%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f4ab84c3d-AMS
cf-request-id
080b36658a00004c3d3c859000000001
datepicker.min.js
geissblog.koeln/wp-includes/js/jquery/ui/
36 KB
11 KB
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 17:38:11 GMT
server
cloudflare
age
2301
etag
W/"8e9c-556ce3e441866"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ayeQkMKRRVKKsvDRuiOv0gKivkD0%2FO6bq0azdi5txF9ZWRgZpuP6YbhF2olIf%2B5IYYrlmOE74LqR5%2B68%2BPHzfnco90j81Z2hJqyy%2F2%2FvHiE%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f5aec4c3d-AMS
cf-request-id
080b36659400004c3d20115000000001
password-strength-meter.min.js
geissblog.koeln/wp-admin/js/
784 B
729 B
Script
General
Full URL
https://geissblog.koeln/wp-admin/js/password-strength-meter.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110c2653a96926d70a4397465cd4ced2f3b01765805539284795209f7a954bd9

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 13:14:59 GMT
server
cloudflare
age
2920
etag
W/"310-556ca90fc1869"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8OqIZoQmFdeCHEVZZO2ugObsJvMCwmTI8KFa%2BDr9GN1TgTZ3%2F648Vr6Dn6YRWvvUYgmI7%2BZZDWtgJi9FecQd%2FjjQEZXkH0PoelZkWdOgpa0%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f5aee4c3d-AMS
cf-request-id
080b36659400004c3d29b8b000000001
frontend.js
geissblog.koeln/wp-content/plugins/profilepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/frontend.js?ver=2.9.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f0ce42a0cb6c2deb2f8eb08cca8a8611aac043dfcb4a2f261070285235beb7

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2501
cf-polished
origSize=14427
cf-request-id
080b36659400004c3d00ab0000000001
last-modified
Fri, 15 Nov 2019 23:30:18 GMT
server
cloudflare
etag
W/"385b-5976afb1801d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZJW3CWY4c71Ku3QnF3sqt9HZALm5ptkn61WGtadbOMP7v2Zbz1CfVYe8hudYprpH6NyA3oJWYGJtrMfu4D9wK8UI%2BKYvSeyp%2FahLN0twnuQ%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34f5aef4c3d-AMS
cf-bgj
minify
avia.js
geissblog.koeln/wp-content/themes/enfold/js/
104 KB
29 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/js/avia.js?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f18c9dd8b5eafb489db91ada24384af952e74304eff7a1e9ab5fe595be371ce

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2301
cf-polished
origSize=134602
cf-request-id
080b36659500004c3d0887b000000001
last-modified
Tue, 15 Aug 2017 18:47:14 GMT
server
cloudflare
etag
W/"20dca-556cf35327418"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wCRz8%2B%2FLufrOR0IRGs6DQoHkGyJUSU2XhrrXvAXwocLQgd%2BDrMAynoX1UdEPc%2ByKFTkGTfdvqYmnx6S6XDhrONwTyY%2BqdPco34f2ugY5%2BPg%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34f5af04c3d-AMS
cf-bgj
minify
shortcodes.js
geissblog.koeln/wp-content/themes/enfold/js/
99 KB
23 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/js/shortcodes.js?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e9791e905a0885af60405def69585a7fbde323741c0285edd9785c21474c1f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2500
cf-polished
origSize=158782
cf-request-id
080b36659500004c3de91c6000000001
last-modified
Tue, 15 Aug 2017 18:47:14 GMT
server
cloudflare
etag
W/"26c3e-556cf3535cf79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aq7m7lochGYVH%2Bij75Eh9La0fpvSbH4th88N%2BCdEBCG1cxvqobjoZhzom3uDIKvBc9wHEnc%2BIa2HSclerQxh3bBH1ui8dV52iwiEF%2F0m2M8%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34f5af14c3d-AMS
cf-bgj
minify
jquery.magnific-popup.min.js
geissblog.koeln/wp-content/themes/enfold/js/aviapopup/
20 KB
7 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js?ver=4.1
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 18:47:47 GMT
server
cloudflare
age
2920
etag
W/"51d3-556cf372c96ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KL%2BqzXTUDNxNXD%2BJwq5%2B%2FINt7Enni2rKeas%2B9phPegiD9j3bPwUUXo6ObGHVc4tVv3eXNcd8n77SJZMBy0Jq8%2F%2Bi%2FvNtOdzTIBXs5YAeS0Q%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f5af64c3d-AMS
cf-request-id
080b36659500004c3d3f1b1000000001
wp-mediaelement.min.js
geissblog.koeln/wp-includes/js/mediaelement/
914 B
719 B
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632af363989d420500a3fc1546178648f5aaa4f9aabb98666e62c3035fa423d1

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 23:11:38 GMT
server
cloudflare
age
2920
etag
W/"392-56cfbc606ac9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HRnmcU74QngoMIqqiCGj9BblRJsn23e6N0Nn%2FbFDZ%2FfrBxDwUfHTXuNoZvW5zbTuzTk39fTNJ80cw90T8B2z5yXYuQn%2FjmKNaHSH8nuJnV8%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f5af84c3d-AMS
cf-request-id
080b36659700004c3df79fc000000001
comment-reply.min.js
geissblog.koeln/wp-includes/js/
1 KB
818 B
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/comment-reply.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 17:37:31 GMT
server
cloudflare
age
2920
etag
W/"436-556ce3bdcb4c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vGUV4uROOfeGX4tM9h6tmP1EcUUYiEoeWL56I5QyNnM13kXf9whG6E0XSHnwwqv7exnnXqhLjJdIQ1lm3t93HbgFe%2FJRZnzblTSWCi7Js4Y%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f5afa4c3d-AMS
cf-request-id
080b36659600004c3de9911000000001
ajax.js
geissblog.koeln/wp-content/plugins/zeno-report-comments/js/
560 B
719 B
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/zeno-report-comments/js/ajax.js?ver=1.3.4
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f368010c7b010fa6ca384325e23c731b0a70503b3d1f03b35de85257cf1fe2

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4444
cf-polished
origSize=744
cf-request-id
080b36659600004c3d3815c000000001
last-modified
Thu, 28 Jan 2021 18:31:40 GMT
server
cloudflare
etag
W/"2e8-5b9fa1941be77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p1YPaHq13Mh7AmZdLFp7sTgdd%2Flt9nJGqbiSbAo%2BOc35NUhuphjyV%2FDaGsQ8ZiL2EbQ0h3IukP6F6HVelfcnFC1gmcSru9EbZtT3a8fQfFI%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34f5afc4c3d-AMS
cf-bgj
minify
jscripts-ftr-min.js
geissblog.koeln/wp-content/plugins/wp-spamshield/js/
1 KB
985 B
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/wp-spamshield/js/jscripts-ftr-min.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22518ff32f769e282e7b884f80b238038242e11fcd7c9ddf11a53285f6f4993a

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7936980
cf-request-id
080b36659600004c3d1bb37000000001
last-modified
Fri, 15 Nov 2019 23:33:47 GMT
server
cloudflare
etag
W/"4c0-5976b0792e0d0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aObvwzYnKmNgwdXLdzFIu5IgjmFEHg8gUC7%2Bb0SaIEMO2v%2F3whNb%2Fz9QLXwPJmNlZj3NlSI%2BQBaYc2nJ%2BNG7%2Bx%2F3g09NbljR7yt%2FsecIfsM%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=15552000, must-revalidate
cf-ray
61bef34f5afd4c3d-AMS
expires
Wed, 03 Nov 2021 23:54:32 GMT
wp-embed.min.js
geissblog.koeln/wp-includes/js/
1 KB
978 B
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/wp-embed.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Dec 2018 03:55:39 GMT
server
cloudflare
age
2920
etag
W/"57b-57cdf49b3716a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BTn%2BjZUBQLvDlfQlIkVBWwkDhWtKH9k0A0qvF9m2nlC7ukPoLxbA4%2F7CJpS8N%2B%2FdgnnybsyHkM7UskUjld6SuiAuWKPGeuHeyMc3317U8KY%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef34f5aff4c3d-AMS
cf-request-id
080b36659a00004c3d4689a000000001
scripts.js
geissblog.koeln/wp-content/plugins/eu-cookie-law/js/
2 KB
1 KB
Script
General
Full URL
https://geissblog.koeln/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58815f5cb83e2bc136e9264be7c12c8fc19369d488584cf52ce658c51020bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2920
cf-polished
origSize=3049
cf-request-id
080b36659700004c3df2aae000000001
last-modified
Fri, 15 Nov 2019 23:28:18 GMT
server
cloudflare
etag
W/"be9-5976af3f7106f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lJsvVUKiPqFXTAZVD73IONkYdpGY4CaLzYB0HKsYvjjP8r83SZpRatUR%2BXyq874MVRxNJDr51QUQ9GnjWEFtM56jFpu51NB1r7Q%2FYZe1s5A%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
61bef34f5b004c3d-AMS
cf-bgj
minify
1.16.9.js
steadycdn.com/prod/js/
357 KB
131 KB
Script
General
Full URL
https://steadycdn.com/prod/js/1.16.9.js
Requested by
Host: steadyhq.com
URL: https://steadyhq.com/widget_loader/a370d996-53cd-4f31-966f-8bce5607b9d2?ver=1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.51.173.91 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
steadycdn.com
Software
nginx /
Resource Hash
aecf16f6bec9a845516902a99ce2a2c4d7b0420d52a64a715b63134903b7546b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 13:25:05 GMT
server
nginx
etag
W/"600ec6b1-5959c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
strict-transport-security
max-age=31536000
x-proxy-cache
HIT
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame
0
0
Other
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A270%2C%22requestUUID%22%3A%227d926de3-c361-4b43-a62c-77f3e936e6c4%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgeissblog.koeln%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Server
143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-3.fra50.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
13
date
Wed, 03 Feb 2021 20:37:32 GMT
x-powered-by
Express
access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST,GET,HEAD
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
UHnc1yQI7lqLPKFya_HOti49nw45g2GY82s-yTSE8nq507xkoHvqeA==
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/
154 KB
9 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A270%2C%22requestUUID%22%3A%227d926de3-c361-4b43-a62c-77f3e936e6c4%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgeissblog.koeln%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-3.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
5dd6512118172096e0b6fbd9e8073deabf6269b028c0ba5f1c1217b307b0ef02

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://geissblog.koeln
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
gY5l5HC-k0yxjLx1KTinkz4ppyA0AfKgDzDxKVUMCkbYRUWvI8fipw==
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
/
concheck.adsafety.net/
58 B
403 B
XHR
General
Full URL
https://concheck.adsafety.net/?_f=json&c=rf&req=bl&u=https%3A%2F%2Fgeissblog.koeln%2F
Requested by
Host: cdn.recognified.net
URL: https://cdn.recognified.net/rd.loader.php?pub_id=246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.0.62 , Germany, ASN16276 (OVH, FR),
Reverse DNS
concheck11.ct.smartaudience.biz
Software
nginx /
Resource Hash
90cc47b7ee1983c168809d3b3f01938e69ef76ec8e1eada02a78206ee86c22c8

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:32 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
adx.adform.net/adx/
65 B
649 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=760509&t=2
Requested by
Host: cdn.recognified.net
URL: https://cdn.recognified.net/rd.loader.php?pub_id=246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://geissblog.koeln
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
md.tracking.php
rads.recognified.net/
43 B
432 B
Image
General
Full URL
https://rads.recognified.net/md.tracking.php?t=lead&lead_event=92&lead_type=web_interaction&type=normal&campaign_id=10779&lead_title=pageimp&ad_id=31336&pub_id=246
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.157.168 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1673-168.members.linode.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:32 GMT
Last-Modified
Wed, 03 Feb 2021 20:37:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
cm.adsafety.net/
Redirect Chain
  • https://rads.recognified.net/cm/
  • https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b
43 B
229 B
Image
General
Full URL
https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.82.217.101 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:32 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Wed, 03 Feb 2021 20:37:32 GMT
Server
nginx
Access-Control-Allow-Origin
rads.recognified.net
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b
Access-Control-Allow-Credentials
true
Connection
keep-alive
at-media_cs.js
images.intellitxt.com/ast/js/PID_20625/
1 KB
858 B
Script
General
Full URL
https://images.intellitxt.com/ast/js/PID_20625/at-media_cs.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-122.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e90a4769a82aada9462eb562e3f1baedf42929d613329920a93b7df71c49ac4e

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 10 Jan 2021 23:09:49 GMT
content-encoding
gzip
last-modified
Tue, 09 Jun 2020 09:05:22 GMT
server
AmazonS3
age
2064464
etag
W/"5863f1ccc94c74c5ba70526bab8189e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7bkMNsp6IflDNpAkqP0ER0Kzw1bL2-G-YuaLW5tUx3LCpHlSoLrUYQ==
piwik.js
dergeissbock.de/
64 KB
64 KB
Script
General
Full URL
https://dergeissbock.de/piwik.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:300::1ac , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
9e282a1a6fc13d3f400d49260d5bac86836ed14ed25a9a7734cdc7c0a6a8c1d4

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
last-modified
Thu, 30 Aug 2018 22:59:04 GMT
server
Apache
accept-ranges
bytes
etag
"ff7b-574af05884f9b"
content-length
65403
content-type
application/javascript
entypo-fontello.woff
geissblog.koeln/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/
30 KB
30 KB
Font
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee

Request headers

Origin
https://geissblog.koeln
Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1817
content-length
30804
cf-request-id
080b3665a500004c3de7060000000001
last-modified
Tue, 15 Aug 2017 18:48:34 GMT
server
cloudflare
etag
"7854-556cf39f97343"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eL4Omj3P2ErTjB1r3Y9qcEpLWPgHoVB5tEENvfY7kPJVeMhxkc4QeTDRV04QTVBMmbUPl%2FSVSph5cOtHzoCbSGzVYGM2xYT2QF9H%2FeKC0I4%3D"}],"group":"cf-nel"}
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef34f6b384c3d-AMS
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v12/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://geissblog.koeln
Referer
https://fonts.googleapis.com/css?family=PT+Sans:400,600,800
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 06:04:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:11 GMT
server
sffe
age
52403
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11380
x-xss-protection
0
expires
Thu, 03 Feb 2022 06:04:09 GMT
EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://geissblog.koeln
Referer
https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 17:21:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:05:28 GMT
server
sffe
age
184567
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13280
x-xss-protection
0
expires
Tue, 01 Feb 2022 17:21:25 GMT
EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://geissblog.koeln
Referer
https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 05:56:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:06:26 GMT
server
sffe
age
52878
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13372
x-xss-protection
0
expires
Thu, 03 Feb 2022 05:56:14 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/
92 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4531fa9e33bdebbab12ece3bec25d0e0f0b79d2f72359cca9ccdd34afbff37b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33624
x-xss-protection
0
server
cafe
etag
16250397154202993732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Feb 2021 20:37:32 GMT
index.html
cdn.privacy-mgmt.com/ Frame 1E03
0
0
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?message_id=374341&consentUUID=cbd61669-2f63-41c9-8a97-565696f568d4&requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&preload_message=true
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.privacy-mgmt.com
:scheme
https
:path
/index.html?message_id=374341&consentUUID=cbd61669-2f63-41c9-8a97-565696f568d4&requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&preload_message=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://geissblog.koeln/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://geissblog.koeln/

Response headers

content-type
text/html
last-modified
Tue, 02 Feb 2021 23:35:19 GMT
server
AmazonS3
content-encoding
gzip
date
Wed, 03 Feb 2021 20:35:26 GMT
etag
W/"fea093f29bac3f6b2f469bf4a1b2cd0f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
641ivfnJtmi0nZEyLapw_4W-zk44CCEs8q-qTmp8uh4MrTEzSGCO0Q==
age
127
gb_overlay_logo_red.png
geissblog.koeln/wp-content/themes/enfold-child/assets/img/
4 KB
4 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/themes/enfold-child/assets/img/gb_overlay_logo_red.png
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9faba832c85307453797f3e9d3337c9bf9817fce955383f607ae1187216ba328

Request headers

Referer
https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5874
content-length
3682
cf-request-id
080b3666a400004c3d08898000000001
last-modified
Wed, 07 Oct 2020 12:58:57 GMT
server
cloudflare
etag
"e62-5b114475755d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vsNX41PaxZ4C7HIqzer%2FL1zKJSNxg%2FHB%2BQbWllLj6C7s0r0F2lE%2B5VcCPPi6PD0KejKer8utHcYpVqph5cLLl1LeFy2TL7hbkFHiAf%2Fo5C4%3D"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef35108114c3d-AMS
live_pokal.jpg
geissblog.koeln/wp-content/uploads/2021/02/
107 KB
108 KB
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2021/02/live_pokal.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415f323e0481fc1a1a50536ec9975dae2f874ce3feac615b1421286b6ba82461

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6963
content-length
110044
cf-request-id
080b3666bf00004c3d121d4000000001
last-modified
Wed, 03 Feb 2021 10:31:05 GMT
server
cloudflare
etag
"1addc-5ba6c159b6e66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zdjKuTJgctMETSMxbaNSbPYqwhuTseQsS4n92AQy39lQ5PtBcXHJ%2FEaN%2BRt7jRgx8bBh2QlyLPU0zZB5OJBvxZIXesphRCinN6Wl58uc7ss%3D"}],"group":"cf-nel"}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61bef35138964c3d-AMS
cf-bgj
h2pri
5rc5ZZ-quark-hmsfhl.jpg
geissblog.koeln/wp-content/uploads/2017/06/
68 B
506 B
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2017/06/5rc5ZZ-quark-hmsfhl.jpg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
AdDefend GmbH
content-length
68
cf-request-id
080b3666bf00004c3d1304e000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H1rPxKYZYGKKL8jSNtqAYy%2Fsaz1pVziM%2BKhMRCkASJzrh52IqA0f98phjnY8Ug7vytMNfIET%2Fky3WC9ykfPNlC2HwdYmFxO%2Fl4X6XvJx%2BMQ%3D"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges
bytes
cf-ray
61bef35138994c3d-AMS
expires
0
event
events.apester.com/ Frame
0
0
Other
General
Full URL
https://events.apester.com/event
Protocol
H2
Server
35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
OPTIONS,OPTIONS
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
86400
date
Wed, 03 Feb 2021 20:37:33 GMT
via
1.1 google
alt-svc
clear
adsbygoogle.js
static.apester.com/js/lib/
34 B
153 B
Script
General
Full URL
https://static.apester.com/js/lib/adsbygoogle.js
Requested by
Host: static.apester.com
URL: https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.53 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.72.190.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
c7cab0e16ac6bd8de5197689fb2d28a55319b060d504aa76083aac7b031752cf

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:24:19 GMT
via
1.1 google
last-modified
Tue, 12 Jan 2021 11:14:24 GMT
server
nginx/1.19.6
age
794
etag
W/"5ffd8490-22"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
public,s-maxage=942,max-age=942
content-encoding
gzip
alt-svc
clear
content-length
54
event
events.apester.com/
0
218 B
XHR
General
Full URL
https://events.apester.com/event
Requested by
Host: static.apester.com
URL: https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
date
Wed, 03 Feb 2021 20:37:33 GMT
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
alt-svc
clear
content-length
0
logo-white.svg
static.apester.com/js/assets/
3 KB
3 KB
Image
General
Full URL
https://static.apester.com/js/assets/logo-white.svg
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.53 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.72.190.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
c4a0fb4da7f6db6ea3be9b26968272fd292b94084b4f85652c21a91e106613ff

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 24 Jan 2021 22:59:43 GMT
via
1.1 google
last-modified
Tue, 12 Jan 2021 11:14:24 GMT
server
nginx/1.19.6
age
855470
etag
"5ffd8490-d0f"
content-type
image/svg+xml
content-range
bytes 0-1000/3343
cache-control
max-age=315360000,public
alt-svc
clear
content-length
3343
expires
Thu, 31 Dec 2037 23:55:55 GMT
piwik.php
dergeissbock.de/
43 B
133 B
Image
General
Full URL
https://dergeissbock.de/piwik.php?action_name=GEISSBLOG.KOELN%20%E2%80%93%20Die%20Online-Zeitung%20%C3%BCber%20den%201.%20FC%20K%C3%B6ln&idsite=2&rec=1&r=915598&h=21&m=37&s=33&url=https%3A%2F%2Fgeissblog.koeln%2F&_id=31b44bcba0198bbf&_idts=1612384653&_idvc=1&_idn=0&_refts=0&_viewts=1612384653&send_image=1&cookie=1&res=1600x1200&gt_ms=254&pv_id=167yHM
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:300::1ac , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.1.32
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
cache-control
no-store
server
Apache
x-powered-by
PHP/7.1.32
content-type
image/gif
front.asp
k.intellitxt.com/intellitxt/
4 KB
2 KB
Script
General
Full URL
https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/ast/js/PID_20625/at-media_cs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-220-77.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
b9053c0d51e58c3e654f5f9da0ca1dbe610b1cf822b8ec20ae73a495bbc88c83

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:19:34 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
Kormorant
Vary
Accept-Encoding, *
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 08 Jan 2016 00:00:00 GMT
config.js
confiant-integrations.global.ssl.fastly.net/ndHHT5ULcmckhx7tG13-5VFUToY/gpt_and_prebid/
46 KB
12 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/ndHHT5ULcmckhx7tG13-5VFUToY/gpt_and_prebid/config.js
Requested by
Host: geissblog-koeln.h5v.eu
URL: https://geissblog-koeln.h5v.eu/36/moli_1b3bbe6a932b0ee85d2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa652365b96aee761c5987605599c7010286353f9c713706d10fc12a60d449e1

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:33 GMT
Content-Encoding
gzip
Age
290
X-Cache
HIT
Connection
keep-alive
Content-Length
11182
x-amz-id-2
Q/wJIbDgtSiXyqNY57q+VGKi57fmYK4CRw0tYvxVJhy7nSrT79D0gZ+8JCw5bAcLwQWm3EGS5Ic=
X-Served-By
cache-hhn4071-HHN
Last-Modified
Wed, 03 Feb 2021 20:31:32 GMT
Server
AmazonS3
X-Timer
S1612384653.090058,VS0,VE0
ETag
"294d7ccf8c3b87034458ca96a58158ac"
x-amz-request-id
F069A5E4FBD14D5C
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
4
css
fonts.googleapis.com/
3 KB
568 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400,400i,700,700i&display=swap&subset=latin-ext
Requested by
Host: steadycdn.com
URL: https://steadycdn.com/prod/js/1.16.9.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0d3cc7a2e6e9cde2ae9c89b0fd7448b6f5521aa4429c18aac727b578dc588f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 20:28:28 GMT
server
ESF
date
Wed, 03 Feb 2021 20:37:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Feb 2021 20:37:33 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: steadycdn.com
URL: https://steadycdn.com/prod/js/1.16.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5010
date
Wed, 03 Feb 2021 19:14:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 03 Feb 2021 21:14:03 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/
225 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86331
x-xss-protection
0
server
cafe
etag
657319051054643926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Feb 2021 20:37:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/ Frame F960
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210202/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://geissblog.koeln/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://geissblog.koeln/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 02 Feb 2021 22:31:03 GMT
expires
Tue, 16 Feb 2021 22:31:03 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
cache-control
public, max-age=1209600
age
79590
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
formats.js
ad.lkqd.net/vpaid/ Frame A54C
118 KB
35 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1612384653.cds001.lo4.hn,1612384653.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame EB22
118 KB
35 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1612384653.cds001.lo4.hn,1612384653.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
collect
www.google-analytics.com/j/
4 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=2005302570&t=pageview&_s=1&dl=https%3A%2F%2Fsteadyhq.com%2Fgeissblog%2Fwidget.js&ul=en-us&de=UTF-8&dt=GEISSBLOG.KOELN%20%E2%80%93%20Die%20Online-Zeitung%20%C3%BCber%20den%201.%20FC%20K%C3%B6ln&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2044888544&gjid=1337067139&cid=377372049.1612384653&tid=UA-82069822-7&_gid=1952379983.1612384653&_r=1&_slc=1&z=476661484
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geissblog.koeln
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
5rc5ZZ-abgabe-justiz-hqoblx.png
geissblog.koeln/wp-content/uploads/2013/01/promotools/
68 B
338 B
Image
General
Full URL
https://geissblog.koeln/wp-content/uploads/2013/01/promotools/5rc5ZZ-abgabe-justiz-hqoblx.png
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
AdDefend GmbH
content-length
68
cf-request-id
080b36675700004c3d538c6000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yKlXFzixWgFNrgo2hEZQWaXWryn%2B2hVzKxAmDGJAWEjBYbrullGknb5QjnjFTKaIY5CU6DOmon7Tt9BpCAAStM9MNENNEJv54ZecPkx79tQ%3D"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges
bytes
cf-ray
61bef3522b674c3d-AMS
expires
0
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202102021841/
191 KB
58 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/ndHHT5ULcmckhx7tG13-5VFUToY/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c32e7709e9594c76e5b8c8d689b696f88237d60df0b1f6dd0b28d361469332c

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:33 GMT
Content-Encoding
gzip
Age
220
X-Cache
HIT
Connection
keep-alive
Content-Length
58468
x-amz-id-2
PfiTKffMmNMQ0kbVhxuCd9axNizmTbxJzqu8a+h8/5ngrl2h7/hkLzF2hIwELL8CLPC0Nkg3Uos=
X-Served-By
cache-hhn4071-HHN
Last-Modified
Tue, 02 Feb 2021 23:44:30 GMT
Server
AmazonS3
X-Timer
S1612384653.156136,VS0,VE0
ETag
"c7c578310510fc2a6129ca2158dfa3fb"
x-amz-request-id
EAE2E5AA8CD0E681
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
366
collect
stats.g.doubleclick.net/j/
4 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-82069822-7&cid=377372049.1612384653&jid=2044888544&gjid=1337067139&_gid=1952379983.1612384653&_u=YEBAAEAAAAAAAC~&z=960045598
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Feb 2021 20:37:33 GMT
content-type
text/plain
access-control-allow-origin
https://geissblog.koeln
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-82069822-7&cid=377372049.1612384653&jid=2044888544&_u=YEBAAEAAAAAAAC~&z=2059521304
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-82069822-7&cid=377372049.1612384653&jid=2044888544&_u=YEBAAEAAAAAAAC~&z=2059521304
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 03B8
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
cache-control
max-age=78399
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384653.cds001.lo4.hn,1612384653.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame A54C
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=6834637&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
9a7d3ac517457ab317841cbd51108aa3623c4e0839d2b53af410b4bd65f73ce7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1361
usync.html
ad.lkqd.net/cookie-sync/ Frame A41C
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
cache-control
max-age=78399
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384653.cds001.lo4.hn,1612384653.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame EB22
180 B
355 B
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077160&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=2151707&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
/
k.intellitxt.com/go/1/
4 KB
3 KB
Script
General
Full URL
https://k.intellitxt.com/go/1/?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F&consentstr=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA&consenttype=euconsent&script=c
Requested by
Host: k.intellitxt.com
URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-220-77.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
85be19406882557ca0b6f053ea6c9f29481f0d6323300399e54af9451bbea6f8

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:19:34 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
Kormorant
Vary
Accept-Encoding, *
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 08 Jan 2016 00:00:00 GMT
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:33 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame 7ED1
0
0

t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:33 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame 9B8B
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame A86F
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 20:56:30 GMT
etag
"37ec3f32952873470d227dd7944c04e7"
x-hw
1612384653.cds001.lo4.hn,1612384653.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62007
kormorant-1.31.23.min.js
images.intellitxt.com/k/
219 KB
55 KB
Script
General
Full URL
https://images.intellitxt.com/k/kormorant-1.31.23.min.js
Requested by
Host: k.intellitxt.com
URL: https://k.intellitxt.com/go/1/?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F&consentstr=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA&consenttype=euconsent&script=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-122.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
986161275fe50b92e5cff2ba4451df6e261be46d1705530ee7bbf3013c50d01d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 10:27:26 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 16:53:44 GMT
server
AmazonS3
age
727808
etag
W/"a9445e85736eefa5c802f726708fd630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YS2RfExCJD8FgvX1RxYX8oZGwb2E1oilO2oUqERYFNg08YAZX9jOQA==
usync.html
ad.lkqd.net/cookie-sync/ Frame F08D
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
cache-control
max-age=78399
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384653.cds001.lo4.hn,1612384653.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame
0
0
Other
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=6834637&m=&rtv=1&thost=geissblog.koeln
Protocol
H2
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:33 GMT
content-length
0
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame A86F
81 KB
6 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=6834637&m=&rtv=1&thost=geissblog.koeln
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
3971c15cce21ebc7e7e5503362ab05848463642d6d2b06931b5345ef060e9df6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Feb 2021 20:37:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6064
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
publishertag.standalone.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.31.23.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ec33c9d4c50502468cf87211d2d0c424b0e2ca05b6b58713721cdd14d4c241

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 11:16:37 GMT
server
nginx
etag
W/"5ff6ed95-16542"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 04 Feb 2021 20:37:33 GMT
kormorant-1.31.23.min.css
images.intellitxt.com/k/
27 KB
7 KB
Stylesheet
General
Full URL
https://images.intellitxt.com/k/kormorant-1.31.23.min.css
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.31.23.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-122.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ce059b70275fa2dc3bae871e79ab94fd41a6df2f892f35fdc2e767d6cb28411

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 10:27:27 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 16:53:43 GMT
server
AmazonS3
age
727807
etag
W/"0d3f89406825951fcb58d2a8705a9d88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
84loxQ_0UAlqv2E8hw9UFi2aOUk6ktD2P5ea5P3impBTsco6rWWo5Q==
5163634086831496560
k.intellitxt.com/csync/0/appnexus/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fk.intellitxt.com%2Fcsync%2F0%2Fappnexus%2F%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fk.intellitxt.com%252Fcsync%252F0%252Fappnexus%252F%2524UID
  • https://k.intellitxt.com/csync/0/appnexus/5163634086831496560
0
324 B
Image
General
Full URL
https://k.intellitxt.com/csync/0/appnexus/5163634086831496560
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-220-77.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:19:34 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"

Redirect headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:33 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid
b05c7f5d-ef96-4ddf-acce-20773d6f1838
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://k.intellitxt.com/csync/0/appnexus/5163634086831496560
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184543&cb=:redirect
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 03 Feb 2021 20:37:33 GMT
aHR0cHM6Ly9nZWlzc2Jsb2cua29lbG4v
k.intellitxt.com/log/0/ptr/9e239c689b776e30b929da120ea5be3186ecb323/93421/674afef7-da88-4d33-8d49-052a7d0189bc/
0
249 B
Image
General
Full URL
https://k.intellitxt.com/log/0/ptr/9e239c689b776e30b929da120ea5be3186ecb323/93421/674afef7-da88-4d33-8d49-052a7d0189bc/aHR0cHM6Ly9nZWlzc2Jsb2cua29lbG4v
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-220-77.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:19:34 GMT
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Server
nginx
X-Powered-By
Express
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
publishertag.standalone.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ec33c9d4c50502468cf87211d2d0c424b0e2ca05b6b58713721cdd14d4c241

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 11:16:37 GMT
server
nginx
etag
W/"5ff6ed95-16542"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 04 Feb 2021 20:37:33 GMT
t
t.lkqd.net/ Frame C2BD
0
165 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:33 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
zxcvbn.min.js
geissblog.koeln/wp-includes/js/
803 KB
380 KB
Script
General
Full URL
https://geissblog.koeln/wp-includes/js/zxcvbn.min.js
Requested by
Host: geissblog.koeln
URL: https://geissblog.koeln/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 17:37:39 GMT
server
cloudflare
age
281
etag
W/"c8bba-556ce3c5bcff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1aPHKSc0b9wYwjqfKjerMDn2juApoJxaVygIuZ9WBPBOl%2BExZtH%2B5MPBXnhchk9GhrRNZybgPDM2jL36D8fZMgcYAdpDVWYoAnrkfQcel2w%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61bef3576b3d4c3d-AMS
cf-request-id
080b366aa500004c3df2b52000000001
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0cb5da73f240a6361735e79e009020a660b3e0df432f0c196b78866c74ee085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47978
x-xss-protection
0
server
cafe
etag
3032850206597669450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Feb 2021 20:37:34 GMT
syncframe
gum.criteo.com/ Frame EBD0
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=geissblog.koeln&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=geissblog.koeln&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://geissblog.koeln/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://geissblog.koeln/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
483
date
Wed, 03 Feb 2021 20:37:33 GMT
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
578 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121527144667%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384654250013-116
Expires
Wed, 03 Feb 2021 20:37:34 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0

swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
580 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C18819251177336104875575596121%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384654220095-128
Expires
Wed, 03 Feb 2021 20:37:34 GMT
vtag
vast.emxdgt.com/
27 B
331 B
XHR
General
Full URL
https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fgeissblog.koeln%2F&maxduration=119&skip=0&site.domain=geissblog.koeln&device.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20OS%20X&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
54.204.53.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-53-197.compute-1.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:33 GMT
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
27
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=289940278&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.hei...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAa50acfac-665f-11eb-98b2-0687339652a0?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
227 B
1 KB
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:34 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Wed, 03 Feb 2021 20:37:34 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0

sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=449471018&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.v...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAa4fcd6a4-665f-11eb-a119-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
227 B
1 KB
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:34 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Wed, 03 Feb 2021 20:37:34 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
vadtag.html
vpaid.pubmatic.com/ads/video/
988 B
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C17901875897336104875575596121%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ce2a59bd85aec76740de2bf1512de1aa6b2a08ad81365a9be849d2061da6f07d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:34 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
606
Expires
Wed, 03 Feb 2021 20:37:34 GMT
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
48 B
333 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:34 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 03 Feb 2021 20:37:34 GMT
via
1.1 google
server
OXGW/16.202.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
48 B
248 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:34 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 03 Feb 2021 20:37:34 GMT
via
1.1 google
server
OXGW/16.202.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
alt-svc
clear
content-length
0
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:34 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame C2BD
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_9533396a.js
vpaid.springserve.com/production/ Frame 2480
475 KB
98 KB
Script
General
Full URL
https://vpaid.springserve.com/production/vpaid_9533396a.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3d155e9c53e2d5a8dd9a6ebfe967779bdd166b7aac2b39e38854e604b481f1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:34 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 16:21:51 GMT
server
AmazonS3
x-amz-request-id
E1DCFD21ED3E7E9A
etag
"1225f68bb263c18c2006a35fdc8a452c"
x-hw
1612384654.dop160.fr8.t,1612384654.cds254.fr8.hn,1612384654.cds209.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2182532
accept-ranges
bytes
content-length
99770
x-amz-id-2
MrftzhWajDbvm3IN7/Ae/RDJD0MMMu7KR/kEmkM+pZwNEsSf7AamZLisr8MhAIpRQ5C5y1TU3EU=
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
prebid
ib.adnxs.com/ut/v3/ Frame 2480
19 B
868 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:35 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid
a8ad7c8f-a574-4e02-bb34-ceadb8e989a0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 2480
0
216 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
t
t.lkqd.net/ Frame C2BD
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:35 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 2480
959 B
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d0c3c38ca2b702aaf088a403f6d73d6f3b4f561e6aed6243a567deb0e20ee960

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:35 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
587
Expires
Wed, 03 Feb 2021 20:37:35 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 3A5B
150 KB
35 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
showad.js
ads.pubmatic.com/AdServer/js/ Frame 52D6
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=168762
Expires
Fri, 05 Feb 2021 19:30:17 GMT
Date
Wed, 03 Feb 2021 20:37:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3A5B
37 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-94f8-5b232eca8cf5e"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=168762
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
13837
Expires
Fri, 05 Feb 2021 19:30:17 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 3A5B
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384655168&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:35&ranreq=0.11370945510546848&timezone=1&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 2480
959 B
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
df98b96585a92a9b317abaea1250b40357f27c1aa51bd1f114f4652b340d11b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
587
Expires
Wed, 03 Feb 2021 20:37:37 GMT
track
aktrack.pubmatic.com/ Frame 2480
0
124 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384655&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:37 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 8567
150 KB
35 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
showad.js
ads.pubmatic.com/AdServer/js/ Frame D20E
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=168760
Expires
Fri, 05 Feb 2021 19:30:17 GMT
Date
Wed, 03 Feb 2021 20:37:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8567
37 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-94f8-5b232eca8cf5e"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=168760
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
13837
Expires
Fri, 05 Feb 2021 19:30:17 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8567
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384657197&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:37&ranreq=0.9073923620928164&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2480
67 B
719 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fgeissblog.koeln%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1612384653991&width=400&height=225&dnt=&ip=&ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384657739022-97
Expires
Wed, 03 Feb 2021 20:37:37 GMT
track
aktrack.pubmatic.com/ Frame 2480
0
124 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384657&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:37 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2480
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fgeissblog.koeln%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1612384653991&width=400&height=225&dnt=&ip=&ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384657802013-101
Expires
Wed, 03 Feb 2021 20:37:37 GMT
i
vid-io-cle.springserve.com/vd/ Frame 2480
0
117 B
XHR
General
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3645178b&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.146.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 2480
0
124 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384655&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:38 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame C2BD
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame A54C
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=89634766&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e38cf91578f50198e03ee4b86f388824080ea719f69c585a6bc81b30b147fd98

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:38 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1364
vpaid.js
ad.lkqd.net/vpaid/ Frame F0C4
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:38 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 20:56:30 GMT
etag
"37ec3f32952873470d227dd7944c04e7"
x-hw
1612384658.cds001.lo4.hn,1612384658.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62007
usync.html
ad.lkqd.net/cookie-sync/ Frame 0A1F
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:38 GMT
cache-control
max-age=78394
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384658.cds001.lo4.hn,1612384658.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame F0C4
62 KB
5 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=89634766&m=&rtv=1&thost=geissblog.koeln
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
240283237b08bd2f685051f02d08cd723fad52af6527196d8a60df2f6d6b46af

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Feb 2021 20:37:39 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4536
ad
v.lkqd.net/ Frame
0
0
Other
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=89634766&m=&rtv=1&thost=geissblog.koeln
Protocol
H2
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:38 GMT
content-length
0
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 4282
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:39 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C73491912649263370071959755057%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384659067051-101
Expires
Wed, 03 Feb 2021 20:37:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
719 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C14326843397349191264926337007%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384659048099-84
Expires
Wed, 03 Feb 2021 20:37:39 GMT
vtag
vast.emxdgt.com/
27 B
331 B
XHR
General
Full URL
https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fgeissblog.koeln%2F&maxduration=119&skip=0&site.domain=geissblog.koeln&device.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20OS%20X&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
54.204.53.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-53-197.compute-1.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:38 GMT
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
27
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.heig...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=2...
249 B
985 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=907eff9e-b045-4880-a63a-0202abb8e083&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1ODQ0OS4zMjUxOTU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD05MDdlZmY5ZS1iMDQ1LTQ4ODAtYTYzYS0wMjAyYWJiOGUwODM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:39 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://geissblog.koeln
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=907eff9e-b045-4880-a63a-0202abb8e083&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1ODQ0OS4zMjUxOTU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD05MDdlZmY5ZS1iMDQ1LTQ4ODAtYTYzYS0wMjAyYWJiOGUwODM=
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
av
vidoomy-d.openx.net/v/1.0/
48 B
251 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=642546010&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C14038039577349191264926337007,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:39 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi....
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.view...
249 B
985 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=a16d63d2-35a2-4d9b-88d1-4b6824100a9a&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1OTEyMS4wMTQ0MDQ6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD1hMTZkNjNkMi0zNWEyLTRkOWItODhkMS00YjY4MjQxMDBhOWE=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:39 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://geissblog.koeln
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=a16d63d2-35a2-4d9b-88d1-4b6824100a9a&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1OTEyMS4wMTQ0MDQ6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD1hMTZkNjNkMi0zNWEyLTRkOWItODhkMS00YjY4MjQxMDBhOWE=
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
vadtag.html
vpaid.pubmatic.com/ads/video/
988 B
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C17910822017349191264926337007%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
16515a9aa9d56b23b10db6979f7fab23dd04c2edb22b5d452adba1607dffd912

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:39 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
608
Expires
Wed, 03 Feb 2021 20:37:39 GMT
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:39 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:39 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame 4282
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 4282
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame A54C
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=61386737&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
726e1f66308fc58d7be07ce3134610c9e3925864cf5a30bc28236d90e5926be5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:39 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1363
vpaid.js
ad.lkqd.net/vpaid/ Frame 8546
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 20:56:30 GMT
etag
"37ec3f32952873470d227dd7944c04e7"
x-hw
1612384659.cds001.lo4.hn,1612384659.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62007
usync.html
ad.lkqd.net/cookie-sync/ Frame A649
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:39 GMT
cache-control
max-age=78393
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384659.cds001.lo4.hn,1612384659.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame
0
0
Other
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=61386737&m=&rtv=1&thost=geissblog.koeln
Protocol
H2
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:39 GMT
content-length
0
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 8546
72 KB
6 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=61386737&m=&rtv=1&thost=geissblog.koeln
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e492ad4635c3d68ef74bf2e1007eecd5dfb78f1c856a3ef6e35db0670eb09ac7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Feb 2021 20:37:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5760
t
t.lkqd.net/ Frame F52A
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:40 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C8199716254323992747791025590%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:40 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384660127058-116
Expires
Wed, 03 Feb 2021 20:37:40 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
719 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C15079701948199716254323992747%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:40 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384660182016-73
Expires
Wed, 03 Feb 2021 20:37:40 GMT
vtag
vast.emxdgt.com/
27 B
331 B
XHR
General
Full URL
https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fgeissblog.koeln%2F&maxduration=119&skip=0&site.domain=geissblog.koeln&device.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20OS%20X&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
54.204.53.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-53-197.compute-1.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:39 GMT
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
27
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.hei...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=...
249 B
985 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=f31a62e4-1687-4628-b6c3-a41d2956ab0e&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3My43NTI2ODY6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1mMzFhNjJlNC0xNjg3LTQ2MjgtYjZjMy1hNDFkMjk1NmFiMGU=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:40 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://geissblog.koeln
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=f31a62e4-1687-4628-b6c3-a41d2956ab0e&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3My43NTI2ODY6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1mMzFhNjJlNC0xNjg3LTQ2MjgtYjZjMy1hNDFkMjk1NmFiMGU=
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
av
vidoomy-d.openx.net/v/1.0/
48 B
248 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2090888742&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C15254423558199716254323992747,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:40 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.v...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewa...
249 B
985 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d00aa25b-f529-45b5-a7d8-521ba7f66b5b&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3NC41NjEwMzU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1kMDBhYTI1Yi1mNTI5LTQ1YjUtYTdkOC01MjFiYTdmNjZiNWI=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:40 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://geissblog.koeln
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d00aa25b-f529-45b5-a7d8-521ba7f66b5b&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3NC41NjEwMzU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1kMDBhYTI1Yi1mNTI5LTQ1YjUtYTdkOC01MjFiYTdmNjZiNWI=
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?_fw_gdpr=&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C8199716254323992747719192940,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
28f4a5c83a1f4015a55df7f6a924b86059f76228b4562950c93278d1a4497b92

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1244
x-sticky-vk
1612384660207028-116
Expires
Wed, 03 Feb 2021 20:37:40 GMT
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:40 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame F52A
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 8546
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_9533396a.js
vpaid.springserve.com/production/ Frame 0CC6
475 KB
98 KB
Script
General
Full URL
https://vpaid.springserve.com/production/vpaid_9533396a.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3d155e9c53e2d5a8dd9a6ebfe967779bdd166b7aac2b39e38854e604b481f1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:40 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 16:21:51 GMT
server
AmazonS3
x-amz-request-id
E1DCFD21ED3E7E9A
etag
"1225f68bb263c18c2006a35fdc8a452c"
x-hw
1612384660.dop160.fr8.t,1612384660.cds254.fr8.hn,1612384660.cds209.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2182526
accept-ranges
bytes
content-length
99770
x-amz-id-2
MrftzhWajDbvm3IN7/Ae/RDJD0MMMu7KR/kEmkM+pZwNEsSf7AamZLisr8MhAIpRQ5C5y1TU3EU=
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 0CC6
959 B
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
30bae67f8f1decf7933e12c655978dddb2b92821069a85f6192fad6c7b21f5bd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
588
Expires
Wed, 03 Feb 2021 20:37:40 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 0CC6
0
216 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
218945
search.spotxchange.com/openrtb/2.3/dados/ Frame 0CC6
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/218945
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 03 Feb 2021 20:37:40 GMT
X-SpotX-Timing-Transform
0.000455
X-SpotX-Timing-SpotMarket
0.061709
X-SpotX-Timing-Page-Mux
0.001155
X-SpotX-Timing-Page-Require
0.000410
X-fe
047
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000057
X-SpotX-Timing-Page
0.068190
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000351
Last-Modified
Wed, 03 Feb 2021 20:37:40 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.027970
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://geissblog.koeln
X-SpotX-Timing-Page-Misc
0.004035
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.033739
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
t
t.lkqd.net/ Frame F52A
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:40 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 550A
150 KB
35 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
showad.js
ads.pubmatic.com/AdServer/js/ Frame 831F
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=168757
Expires
Fri, 05 Feb 2021 19:30:17 GMT
Date
Wed, 03 Feb 2021 20:37:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 550A
37 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-94f8-5b232eca8cf5e"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=168757
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
13837
Expires
Fri, 05 Feb 2021 19:30:17 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 550A
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384660401&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:40&ranreq=0.9389138434554689&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 0CC6
959 B
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
30bae67f8f1decf7933e12c655978dddb2b92821069a85f6192fad6c7b21f5bd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
588
Expires
Wed, 03 Feb 2021 20:37:40 GMT
track
aktrack.pubmatic.com/ Frame 0CC6
0
124 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384660&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:40 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame B72E
150 KB
35 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9738
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=168756
Expires
Fri, 05 Feb 2021 19:30:17 GMT
Date
Wed, 03 Feb 2021 20:37:41 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B72E
37 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-94f8-5b232eca8cf5e"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=168756
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
13837
Expires
Fri, 05 Feb 2021 19:30:17 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame B72E
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661015&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:41&ranreq=0.6463091208546228&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0CC6
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fgeissblog.koeln%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1612384660076&width=400&height=225&dnt=&ip=&ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384661521090-130
Expires
Wed, 03 Feb 2021 20:37:41 GMT
track
aktrack.pubmatic.com/ Frame 0CC6
0
124 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384660&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:41 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 0CC6
959 B
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
61869c34b57fe454b5df9c0af266893b8772ee9c0e805b0b7b342c303de914d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
588
Expires
Wed, 03 Feb 2021 20:37:41 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame EDFC
150 KB
35 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
showad.js
ads.pubmatic.com/AdServer/js/ Frame AD34
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=168756
Expires
Fri, 05 Feb 2021 19:30:17 GMT
Date
Wed, 03 Feb 2021 20:37:41 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame EDFC
37 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-94f8-5b232eca8cf5e"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=168756
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
13837
Expires
Fri, 05 Feb 2021 19:30:17 GMT
track
aktrack.pubmatic.com/ Frame 0CC6
0
124 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384660&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:41 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
AdServerServlet
vid.pubmatic.com/AdServer/ Frame EDFC
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661739&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:42&ranreq=0.7496495509631029&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 0CC6
0
116 B
XHR
General
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=154ed889&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.146.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:42 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 0CC6
0
124 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384661&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:42 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 2EFC
327 KB
111 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
032b2d45a9f92ee935c0529aba9168c57287f2f704e6c55bed51aec12bc8dd40

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 03:02:41 GMT
ETag
"1612321361"
X-HW
1612384662.dop226.fr8.t,1612384662.cds016.fr8.shn,1612384662.cds016.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
112981
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 2EFC
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1612384662457
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 20:37:42 GMT
Last-Modified
Wed, 09 Dec 2020 03:19:01 GMT
ETag
"1607483941"
X-HW
1612384662.dop245.fr8.t,1612384662.cds243.fr8.shn,1612384662.cds243.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
getuid
ib.adnxs.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1939dbfb9d5c3ac1f8c3e633901aff87&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g030_6925139391862573939
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKtvz_IozzqjpiaHKbxzcSk&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b01c49c-d453-4034-9015-86cc3479a2d3
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YBsJl...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YBsJlgAAAJCoXFZV&_test=YBsJlgAAAJCoXFZV
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1f44601b-098f-4600-8e98-90833ff98e5e&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=538953412995131601
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2776833428396175541
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1939dbfb9d5c3ac1f8c3e633901aff87&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-q6uFQgR1lwTevzkj_LxB3Fyw0yWo7J.RZnAyr929
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4797849&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aaab4810-665f-11eb-9da8-4b9782986078
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
0
0

/
ads.stickyadstv.com/additional-scripts/ Frame 2EFC
301 B
855 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fgeissblog.koeln%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:42 GMT
Server
nginx
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1612384662458057-97
Expires
Wed, 03 Feb 2021 20:37:42 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2EFC
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C53393%2C1%2C8199716254323992747719192940%2C%2C&vav=b0e17f0e3fd0891c7d70425617b1033b&vaviv=05221e514093bc3ce7d50cd3a00c4fee&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.7.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fgeissblog.koeln%2F&locDebug=LOC-ERRJS001%20-%20top%20window%20location%3A%20https%3A%2F%2Fgeissblog.koeln%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:42 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384662476051-101
Expires
Wed, 03 Feb 2021 20:37:42 GMT
t
t.lkqd.net/ Frame F52A
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=
170 B
224 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1612384662507058-49
Expires
Wed, 03 Feb 2021 20:37:42 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:42 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1612384662551019-163
Expires
Wed, 03 Feb 2021 20:37:42 GMT
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame F52A
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
event
events.apester.com/
0
46 B
XHR
General
Full URL
https://events.apester.com/event
Requested by
Host: static.apester.com
URL: https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
date
Wed, 03 Feb 2021 20:37:43 GMT
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
alt-svc
clear
content-length
0
event
events.apester.com/ Frame
0
0
Other
General
Full URL
https://events.apester.com/event
Protocol
H2
Server
35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
OPTIONS,OPTIONS
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
86400
date
Wed, 03 Feb 2021 20:37:43 GMT
via
1.1 google
alt-svc
clear
ad
v.lkqd.net/ Frame A54C
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=21239248&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
910cf6c204c863028ff7aea6b45b5c11227b0275d4bb811a99e485ef19d85c3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:43 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1364
vpaid.js
ad.lkqd.net/vpaid/ Frame 0780
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:43 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 20:56:30 GMT
etag
"37ec3f32952873470d227dd7944c04e7"
x-hw
1612384663.cds001.lo4.hn,1612384663.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62007
usync.html
ad.lkqd.net/cookie-sync/ Frame 6377
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:43 GMT
cache-control
max-age=78389
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384663.cds001.lo4.hn,1612384663.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 0780
29 KB
3 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=21239248&m=&rtv=1&thost=geissblog.koeln
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
eb581bc3e5b5448032aeb3fdb12ce8759ec3900f24f01e9eeba328af46e89f31

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Feb 2021 20:37:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3053
ad
v.lkqd.net/ Frame
0
0
Other
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=21239248&m=&rtv=1&thost=geissblog.koeln
Protocol
H2
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:43 GMT
content-length
0
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 904C
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:43 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C2804625542583770036589320416%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:43 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384663455011-100
Expires
Wed, 03 Feb 2021 20:37:43 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
719 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C20030552922804625542583770036%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:43 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384663399091-49
Expires
Wed, 03 Feb 2021 20:37:43 GMT
av
vidoomy-d.openx.net/v/1.0/
48 B
248 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=977711088&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C4055333892804625542583770036,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:43 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:43 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:43 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame 904C
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 904C
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame A54C
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=42108759&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
92c4719f9f4479d85a7642e886d5686e89c2810bc8c51b603dd814cb1bfb1840

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:44 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1366
vpaid.js
ad.lkqd.net/vpaid/ Frame DE10
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:44 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 20:56:30 GMT
etag
"37ec3f32952873470d227dd7944c04e7"
x-hw
1612384664.cds001.lo4.hn,1612384664.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62007
usync.html
ad.lkqd.net/cookie-sync/ Frame F568
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:44 GMT
cache-control
max-age=78388
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384664.cds001.lo4.hn,1612384664.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame
0
0
Other
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=42108759&m=&rtv=1&thost=geissblog.koeln
Protocol
H2
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:44 GMT
content-length
0
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame DE10
37 KB
3 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=42108759&m=&rtv=1&thost=geissblog.koeln
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
04d5e0f005edfea0d17fc9f65bcbf538336319cb6ffaf21560d1f6c4aa15cb81

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Feb 2021 20:37:44 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3357
t
t.lkqd.net/ Frame 9E40
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
718 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C17215696606489915181340092611%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:44 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384664571020-7
Expires
Wed, 03 Feb 2021 20:37:44 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C18616226871721569660648991518%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:44 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384664517090-163
Expires
Wed, 03 Feb 2021 20:37:44 GMT
av
vidoomy-d.openx.net/v/1.0/
48 B
248 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=1885889868&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C5966684171721569660648991518,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:44 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads.adaptv.advertising.com/a/h/
2 KB
1 KB
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=1734474496&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
b8d4c8b700daf90c7d4811e7e2a82151c42e5c983c10a3aa93bddb66aa33f904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://geissblog.koeln
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
905
expires
0
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
t
t.lkqd.net/ Frame 9E40
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 9E40
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame A54C
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=93146559&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
014ae9a3515e483b799b45028995f37ca64de416b17b09128fe311394e15696f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:45 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1361
vpaid.js
ad.lkqd.net/vpaid/ Frame 7B32
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:45 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 20:56:30 GMT
etag
"37ec3f32952873470d227dd7944c04e7"
x-hw
1612384665.cds001.lo4.hn,1612384665.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62007
usync.html
ad.lkqd.net/cookie-sync/ Frame 8481
0
0
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 20:37:45 GMT
cache-control
max-age=78387
content-encoding
gzip
content-length
1855
content-type
text/html
last-modified
Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges
bytes
etag
"e9caae8bfca78f42f31517057bcbc6c7"
x-hw
1612384665.cds001.lo4.hn,1612384665.cds074.lo4.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 7B32
29 KB
3 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=93146559&m=&rtv=1&thost=geissblog.koeln
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
eea398272a92d182352e66fbe65900b2a64c380ae68173e5d89c0fbbfb803137

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Feb 2021 20:37:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://geissblog.koeln
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3055
ad
v.lkqd.net/ Frame
0
0
Other
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=93146559&m=&rtv=1&thost=geissblog.koeln
Protocol
H2
Server
146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:45 GMT
content-length
0
access-control-allow-origin
https://geissblog.koeln
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 10FC
0
164 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://geissblog.koeln
date
Wed, 03 Feb 2021 20:37:45 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Other
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://geissblog.koeln
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 03 Feb 2021 20:37:45 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://geissblog.koeln
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
577 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C65093650191332388811392821097%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384665536055-91
Expires
Wed, 03 Feb 2021 20:37:45 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
579 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C12917071356509365019133238881%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Feb 2021 20:37:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://geissblog.koeln
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1612384665538023-90
Expires
Wed, 03 Feb 2021 20:37:45 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM4ZTk3N2ItMTJiOC02NjYwLTdjMjYtNGE0MmY1MTczMWYz
0
0

av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
48 B
249 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://geissblog.koeln/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 20:37:45 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 03 Feb 2021 20:37:45 GMT
via
1.1 google
server
OXGW/16.202.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://geissblog.koeln
access-control-allow-credentials
true
alt-svc
clear
content-length
0
t
t.lkqd.net/ Frame
0
0

t
t.lkqd.net/ Frame
0
0

t
t.lkqd.net/ Frame 10FC
0
0

t
t.lkqd.net/ Frame 10FC
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM4ZTk3N2ItMTJiOC02NjYwLTdjMjYtNGE0MmY1MTczMWYz
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| configuration function| $ function| jQuery object| _zxcvbnSettings function| swal function| sweetAlert object| SteadyWidgetSettings object| e object| f object| wpp_params object| WordPressPopularPosts boolean| avia_is_mobile object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings function| __tcfapi object| _sp_ string| geo_cntr object| recRTBAF object| recRTBII object| recRTBUnd object| recRTBWrapReveal function| getUrlVars object| urlParams object| recWindow boolean| endView50 boolean| endView100 undefined| campaignId boolean| forceRadsjs object| checkBF object| checkAF undefined| undParentEl undefined| elSelectorUnd undefined| divWrap undefined| understitialParams object| recDocument boolean| isAdformCalled object| vastRTBadJSON string| wrapRevealRTBadJSON object| radsjsScripts object| inits boolean| radsJS object| cacheImgAdv object| cacheImgAdv50 object| requestLinks boolean| isAdformCalledUnd object| paramsAdv string| contentsCS object| RadsJS string| et boolean| isSafari function| gb_get_page_type function| gb_get_single_post_format object| jQuery112406107077743395948 object| _paq function| wpss_set_ckh function| wpss_init_ckh function| wpat function| wpat_prepare object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height function| MSJJFdd object| piqys4d5Flags string| piqysf70Rnd object| piqysd66dtc string| r3f5x9JS string| hf4N string| hf4V object| avia_framework_globals object| wpcom_img_zoomer object| detectZoom boolean| isAdformCalledII object| pwsL10n function| passwordStrength object| wp object| pp_ajax_form object| pp_del_avatar_obj function| pp_chosen_browser_is_supported function| Froogaloop function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| Waypoint function| $f function| aviaOnGoogleMapsLoaded function| onYouTubeIframeAPIReady object| addComment object| ZenoCommentsAjax function| wpss_get_ckf function| wpss_set_ckf function| wpss_init_ckf object| eucookielaw_data function| recTrack boolean| piqys720sdl boolean| piqys720sdln string| piqysd66dgenat string| piqysd66dsthash string| piqysd66dDomain boolean| piqys566forceimp object| piqyssc object| twemoji boolean| isSingleVideoAdLoaded boolean| piqysaf5Body boolean| piqyse36Detect object| piqysca3Mobile object| piqysd66d1 object| piqysd66do1 object| piqysd66do2 object| piqysd66do3 object| piqysd66d2 number| piqysd66dd3 object| piqysd66d4 object| piqysd66d5 boolean| piqys77dij object| pbjs object| _pbjsGlobals object| moli undefined| xmlHttp object| APESTER object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log object| core function| setImmediate function| clearImmediate function| iFrameResize object| wgxpath boolean| SteadyWidgetBooted function| postscribe function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_trust_token_operation_status number| google_unique_id object| google_sa_queue object| google_sl_win function| google_process_slots object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_bfa object| ebfa object| ebfaca object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn object| vpaidLoader object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| confiant function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState object| googletag object| vmConsentCookieFinder object| VM object| lkqd object| mobile_blocked_mfs function| lkqd_http_response boolean| piqys591Track function| _typeof object| criteo_pubtag object| criteo_pubtag_standalone_103 object| Criteo object| Criteo_standalone_103 object| adsbygoogle boolean| _gfp_a_ function| google_spfd object| google_jobrunner function| zxcvbn

22 Cookies

Domain/Path Name / Value
geissblog.koeln/ Name: _pk_ses.2.f296
Value: *
geissblog.koeln/ Name: _wpss_p_
Value: N%3A0%20%7C%20
.geissblog.koeln/ Name: _ga
Value: GA1.2.377372049.1612384653
geissblog.koeln/ Name: _pk_id.2.f296
Value: 31b44bcba0198bbf.1612384653.1.1612384653.1612384653.
.geissblog.koeln/ Name: consentUUID
Value: cbd61669-2f63-41c9-8a97-565696f568d4
geissblog.koeln/ Name: JCS_INENREF
Value:
geissblog.koeln/ Name: _sp_v1_lt
Value: 1:
geissblog.koeln/ Name: _sp_v1_uid
Value: 1:234:bbb027c4-1495-49f7-896e-ded9d56a0447
geissblog.koeln/ Name: _sp_v1_opt
Value: 1:
geissblog.koeln/ Name: JCS_INENTIM
Value: 1612384652848
geissblog.koeln/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKBjLyQAyD2lidGKVUEDOvNCcHyC4BK6iurVWKBQAW54XRMAAAAA%3D%3D
geissblog.koeln/ Name: _sp_v1_consent
Value: 1!0:-1:-1:-1:-1:-1
.geissblog.koeln/ Name: _gid
Value: GA1.2.1952379983.1612384653
.geissblog.koeln/ Name: ckon2102
Value: sject2102_609d9c890b106
geissblog.koeln/ Name: _wpss_h_
Value: 2
geissblog.koeln/ Name: _sp_v1_data
Value: 2:241830:1612384652:0:1:0:1:0:0:_:-1
geissblog.koeln/ Name: PHPSESSID
Value: 8206d2ddf96872af3acbdba1debeb6e4
.geissblog.koeln/ Name: SJECT2102
Value: CKON2102
geissblog.koeln/ Name: _sp_v1_csv
Value: null
.geissblog.koeln/ Name: c0c1f1f8691795a875858e6fcd0279bd
Value: 60b65f4c57c66cd45825f4d081efe526
.geissblog.koeln/ Name: _gat_steadyGATracker
Value: 1
.geissblog.koeln/ Name: __cfduid
Value: d07d69b02a5d96527cab00f0fba706e511612384652

90 Console Messages

Source Level URL
Text
console-api log URL: https://geissblog.koeln/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1)
Message:
bootstrap [object HTMLDocument] loading
console-api log URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api log URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1)
Message:
bootstrap [object HTMLDocument] interactive
console-api log URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1)
Message:
initialize
console-api log URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F(Line 105)
Message:
Retrieved data from TCF API, calling reload go
console-api log URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F(Line 66)
Message:
Consent Reload Go: Unable to retrieve page href, using document.URL instead: https://geissblog.koeln/
console-api log URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F(Line 84)
Message:
VM: ReloadGo - Found consent type: euconsent
console-api log URL: https://static.criteo.net/js/ld/publishertag.standalone.js(Line 2)
Message:
%cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: 'placements' parameter is empty
console-api log URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1)
Message:
bootstrap [object HTMLDocument] complete
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384655168
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:35&ranreq=0.11370945510546848&timezone=1&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:PM AdRequest Time: 1.927secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Ad Error Time: 1.929secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Total Component Time since player call: 1.986secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384657197
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:37&ranreq=0.9073923620928164&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:PM AdRequest Time: 0.529secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Ad Error Time: 0.53secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-info:Total Component Time since player call: 0.589secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384660401
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:40&ranreq=0.9389138434554689&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:PM AdRequest Time: 0.532secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Ad Error Time: 0.534secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Total Component Time since player call: 0.581secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661015
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:41&ranreq=0.6463091208546228&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:PM AdRequest Time: 0.532secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Ad Error Time: 0.534secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Total Component Time since player call: 0.581secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661739
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:42&ranreq=0.7496495509631029&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:PM AdRequest Time: 0.531secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Ad Error Time: 0.533secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-info:Total Component Time since player call: 0.603secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.lkqd.net
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
aktrack.pubmatic.com
cdn.privacy-mgmt.com
cdn.recognified.net
cdn.stickyadstv.com
cm.adsafety.net
cm.g.doubleclick.net
concheck.adsafety.net
confiant-integrations.global.ssl.fastly.net
dergeissbock.de
events.apester.com
fonts.googleapis.com
fonts.gstatic.com
geissblog-koeln.h5v.eu
geissblog.de
geissblog.koeln
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
images.intellitxt.com
k.intellitxt.com
pagead2.googlesyndication.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
rads.recognified.net
s.amazon-adsystem.com
s0.wp.com
search.spotxchange.com
ssum-sec.casalemedia.com
static.apester.com
static.criteo.net
stats.g.doubleclick.net
steadycdn.com
steadyhq.com
t.lkqd.net
ups.analytics.yahoo.com
v.lkqd.net
vast.emxdgt.com
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
vpaid.pubmatic.com
vpaid.springserve.com
www.google-analytics.com
www.google.com
www.google.de
cm.g.doubleclick.net
ib.adnxs.com
t.lkqd.net
104.108.144.214
104.108.145.8
104.26.4.190
143.204.93.122
143.204.93.3
145.239.0.62
146.20.128.101
146.20.132.64
151.101.113.194
151.139.128.11
172.104.157.168
185.64.190.75
185.94.180.123
192.0.77.32
2.18.233.180
2.18.234.233
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:2a
2001:780:12e::138
2001:8d8:100f:f000::2b9
2a00:1158:1000:300::1ac
2a00:1288:110:c305::8000
2a00:1450:4001:802::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:821::2002
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638::3
3.123.110.9
3.123.200.209
3.124.119.192
3.126.56.137
3.139.146.156
3.17.116.255
35.190.63.234
35.190.72.53
35.244.159.8
37.157.6.245
37.252.173.27
54.172.220.77
54.204.53.197
72.21.206.140
80.82.217.101
85.159.214.153
92.51.173.106
92.51.173.91
014ae9a3515e483b799b45028995f37ca64de416b17b09128fe311394e15696f
032b2d45a9f92ee935c0529aba9168c57287f2f704e6c55bed51aec12bc8dd40
0407ab8c80d6b6d290c06dbc87a0fc3f8a48733e3f68384ff461274beae72b77
04d5e0f005edfea0d17fc9f65bcbf538336319cb6ffaf21560d1f6c4aa15cb81
0b150d0e7595c7dc3d57192608e357c28a2b3c4947c575968ef94eef996a829f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce059b70275fa2dc3bae871e79ab94fd41a6df2f892f35fdc2e767d6cb28411
0e1f00865632f19af5b67c4364aacef74cedc04f10a0fe31a8cb72a705bcecc9
110c2653a96926d70a4397465cd4ced2f3b01765805539284795209f7a954bd9
12a9d24387fd6ecf7a0f2d411c84c5ee6f6715e262044b7df6a443e43d80a2f4
13e10b02b411e6feee2ea5027b0fa2225421394d9c574d68c35a2669f5ecd625
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728
1567c856cddcbb3c01d32df57a1c18e1cfc5aed6633cf3e2cb36d6d32fa351d3
16515a9aa9d56b23b10db6979f7fab23dd04c2edb22b5d452adba1607dffd912
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
22518ff32f769e282e7b884f80b238038242e11fcd7c9ddf11a53285f6f4993a
240283237b08bd2f685051f02d08cd723fad52af6527196d8a60df2f6d6b46af
28f4a5c83a1f4015a55df7f6a924b86059f76228b4562950c93278d1a4497b92
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2926fe86c2990ffa67121178b0089226921b152eb6951b77517835a3d79804cd
2a23beaf4513879e5821fff335370ee59d0175fc87e6dd8a6fabbc76bb44a9d8
2bdfbfff7a24bc7dc4735a7aa4872a98cd780506db5b896abba8b21df4bec236
309c6e8ef5c13a765026d4bccc5bfae616174d9df2b559ae8ea63302035c40c1
30bae67f8f1decf7933e12c655978dddb2b92821069a85f6192fad6c7b21f5bd
356d3bf6231d3e130d390c9c92767564fa1dfc9466ba800199daf931284b5294
3971c15cce21ebc7e7e5503362ab05848463642d6d2b06931b5345ef060e9df6
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
3dd347f2e729a461cbb7297358ce65ae9f7bce3d5b3103173d016c532b281d7b
3f18c9dd8b5eafb489db91ada24384af952e74304eff7a1e9ab5fe595be371ce
3fe2418b9b19b1e77e916cd81a422923b3dc6d15b5825c28579aef52daee4975
415f323e0481fc1a1a50536ec9975dae2f874ce3feac615b1421286b6ba82461
41f368010c7b010fa6ca384325e23c731b0a70503b3d1f03b35de85257cf1fe2
42c695d173da802764ab3a8cafc72dc7e0e6aa9a1267f27c58b354419f19089b
43e9791e905a0885af60405def69585a7fbde323741c0285edd9785c21474c1f
4531fa9e33bdebbab12ece3bec25d0e0f0b79d2f72359cca9ccdd34afbff37b0
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
482710ea28ed8431d3de1f673789cd84f1487667e3f5978066853588d66fb9e1
4886c60ad92f6025d6f745334953547a5537a9c390eb9dd6cd3b6ad8d7b8e7af
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492e3c52a7dca7a3e295d9e9222dd92aa6953330879b5cd47ad1507ef1e17742
4bb9d8dee3132f6ed929ada15bde551fb14556bc70d106865c67df1e910c1991
4c4cee8f7b246b0ff524dee98d373fed410980244cbae7b996b816d80eb080ff
4cc7de5018528ebe122169cc075f7ccabeed2b115444e919f2f3288b8dfaebd3
4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380
53e1e85997f799693c71ee1ad64cbfb6ca48d4c1f2f9961d79e27b05261110be
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57941f510bd6902f2b0f4aa1668ab8cccb87229bd9f4e49994de6e47f51e12c6
5808873c15670e85f2a4c28425e35afdf1f28e9d13468907b13716099d290e4b
5c32e7709e9594c76e5b8c8d689b696f88237d60df0b1f6dd0b28d361469332c
5dd6512118172096e0b6fbd9e8073deabf6269b028c0ba5f1c1217b307b0ef02
61869c34b57fe454b5df9c0af266893b8772ee9c0e805b0b7b342c303de914d7
632af363989d420500a3fc1546178648f5aaa4f9aabb98666e62c3035fa423d1
64867330c618881aba8bdc9963936f5bf1d53f0532a2aee76433286d48329bfe
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
69aff18e54732eae1bb02c82d045c33f45675b017ba6dfdade80ab63a8e26bc5
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
70b09caeba9fd63d6fd8290b55eaf878222fe316ab270197ec3172edc653e1ae
726e1f66308fc58d7be07ce3134610c9e3925864cf5a30bc28236d90e5926be5
72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb
74001dbc57074e4f66703a182f03f607140065647c5a3a3658746157d86b42e3
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46
7b2ee61bcca53f60642717b52fbd8c07d37d0cd5459d9601abafe9ae10ab2c18
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856bfa53483ac7c6f78908c5c0e0a0beb48d6486847976f480a2f99af8580877
85be19406882557ca0b6f053ea6c9f29481f0d6323300399e54af9451bbea6f8
86b933ec2b1ef7c8740c9b3e2f3e8281de541822fa3aa69dc2946bb3496b1744
879e3af6287043464e0fcf6d609b1caebe514923a4a4e2ca2d79bd8ee719dbc9
8c38f9bba09e4a90a4e66ae16f97f374723520be8f99c5d1c22279526d856f92
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
903487e9cdcdedbee737f80e2b8f44078441ad98ff1ceea9a8c974945e9e567a
90cc47b7ee1983c168809d3b3f01938e69ef76ec8e1eada02a78206ee86c22c8
910cf6c204c863028ff7aea6b45b5c11227b0275d4bb811a99e485ef19d85c3d
92c4719f9f4479d85a7642e886d5686e89c2810bc8c51b603dd814cb1bfb1840
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
951a46f57bbcd40e1af08b7f7a6d4099abfc7e2934be2393540543a5f8a316c7
986161275fe50b92e5cff2ba4451df6e261be46d1705530ee7bbf3013c50d01d
9a7d3ac517457ab317841cbd51108aa3623c4e0839d2b53af410b4bd65f73ce7
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9e282a1a6fc13d3f400d49260d5bac86836ed14ed25a9a7734cdc7c0a6a8c1d4
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9faba832c85307453797f3e9d3337c9bf9817fce955383f607ae1187216ba328
9ffe55ff97371b9d4206e62591610875ef833cc3fce2ebf0c18a7971c480d30b
a0f4831384e5f952f5be620c856801cbe0f152c7d7e73dedb1716f68ca2a49ac
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4353bb5413e2671ebae1e8ab407a4279f471932ac64a582ce8f14dcf18d20b2
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad585fea5d77cebd31725e9e17719d38c5c45c6dbbd32372f81204cf88321b45
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecf16f6bec9a845516902a99ce2a2c4d7b0420d52a64a715b63134903b7546b
af01fc2add9ab53a9b3cc0d739ee7ea0c8608b7c6bff8cc9ca44ad9b27e64d46
b0d3cc7a2e6e9cde2ae9c89b0fd7448b6f5521aa4429c18aac727b578dc588f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8d4c8b700daf90c7d4811e7e2a82151c42e5c983c10a3aa93bddb66aa33f904
b9053c0d51e58c3e654f5f9da0ca1dbe610b1cf822b8ec20ae73a495bbc88c83
ba5057c879e4c611b8884e0d731a2a099e0056e6b29d6c9c94e815b25f58b4e7
c0cb5da73f240a6361735e79e009020a660b3e0df432f0c196b78866c74ee085
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4a0fb4da7f6db6ea3be9b26968272fd292b94084b4f85652c21a91e106613ff
c4a89513e5c0af25507ec453e7fae8e747598971213d5a665e65eddd2a274df8
c5c009465285f72f001f9cccb685bc3f34ae58ecf476105862c7a14c8456d351
c7cab0e16ac6bd8de5197689fb2d28a55319b060d504aa76083aac7b031752cf
cd0e982047bf2356b38e7edf3ec5004a739f80feaa98c398d85fb52b8b8f5dbc
ce2a59bd85aec76740de2bf1512de1aa6b2a08ad81365a9be849d2061da6f07d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c3c38ca2b702aaf088a403f6d73d6f3b4f561e6aed6243a567deb0e20ee960
d14d95bf869a40690d57037a66c664c7b14dc0bcf21afa9a6b1695a01ad3b56c
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d439a24b28c387574f72c2387db2cc61a74bfb2f8c9c2199c543bb5cd82fc342
d681a6179deb9541b37359c50e079cd1b2f7915c7fa9bc60baf52410ad722551
d6a8bf1f2a5d494feca74153daf9a45952a3258b43a93d94f059fc6134650d84
d76a875a6a7dd0a8e9f41d7bd5fe385740b81de4c2863c3ace33680de52c1aa3
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
d9f0ce42a0cb6c2deb2f8eb08cca8a8611aac043dfcb4a2f261070285235beb7
df98b96585a92a9b317abaea1250b40357f27c1aa51bd1f114f4652b340d11b8
e38cf91578f50198e03ee4b86f388824080ea719f69c585a6bc81b30b147fd98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e492ad4635c3d68ef74bf2e1007eecd5dfb78f1c856a3ef6e35db0670eb09ac7
e58815f5cb83e2bc136e9264be7c12c8fc19369d488584cf52ce658c51020bbe
e6706ad7dab8c9155c0f17f80b6fc3684c2b453c8e2c72f7e19eeb7e74700346
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e72d3ff191082ad0628ef5b8e82e7754a15206fa10c3ff75700c3fafc2b59db9
e90a4769a82aada9462eb562e3f1baedf42929d613329920a93b7df71c49ac4e
e92d87863aa3dd24afd96b84f15071988babf01efbc1cb87cd205f884d7c6f89
eb581bc3e5b5448032aeb3fdb12ce8759ec3900f24f01e9eeba328af46e89f31
ee9c1685d5ae2a28a30ce5298102d94630cf547a1bc10427756a05c934476f18
eea398272a92d182352e66fbe65900b2a64c380ae68173e5d89c0fbbfb803137
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2413aceda6dd8ed85aee246a26889c17cdfaf2347e673f84915cd9025a54ca4
f2b91b31467145ea200a71c5a17d4f43c93cb5b51af4af31c9a7fa0771f2ee8e
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3d155e9c53e2d5a8dd9a6ebfe967779bdd166b7aac2b39e38854e604b481f1d
f5ec33c9d4c50502468cf87211d2d0c424b0e2ca05b6b58713721cdd14d4c241
fa652365b96aee761c5987605599c7010286353f9c713706d10fc12a60d449e1
fd8bb2546a86dec43e711b8fa1cc7c58e3cc1bebdd80ccaa96dad4332e7ef27a
fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d