geissblog.koeln Open in urlscan Pro
104.26.4.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://geissblog.de/
Effective URL:
https://geissblog.koeln/
Submission: On February 03 via manual (February 3rd 2021, 8:37:50 pm UTC) from DE

Summary HTTP 291 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 48 IPs in 10 countries across 36 domains to perform 291 HTTP transactions. The main IP is 104.26.4.190, located in United States and belongs to CLOUDFLARENET, US. The main domain is geissblog.koeln.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2020. Valid for: a year.

This is the only time geissblog.koeln was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:8d8:100f... 2001:8d8:100f:f000::2b9	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
74	104.26.4.190 104.26.4.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	35.190.72.53 35.190.72.53	15169 (GOOGLE) (GOOGLE)
1	92.51.173.106 92.51.173.106	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
4	143.204.93.3 143.204.93.3	16509 (AMAZON-02) (AMAZON-02)
1	2001:780:12e:... 2001:780:12e::138	12337 (NORIS-NET...) (NORIS-NETWORK IT Service Provider located in Nuernberg)
1	85.159.214.153 85.159.214.153	63949 (LINODE-AP...) (LINODE-AP Linode)
1	3.17.116.255 3.17.116.255	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	92.51.173.91 92.51.173.91	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	145.239.0.62 145.239.0.62	16276 (OVH) (OVH)
1	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1 2	172.104.157.168 172.104.157.168	63949 (LINODE-AP...) (LINODE-AP Linode)
1	80.82.217.101 80.82.217.101	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	143.204.93.122 143.204.93.122	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1158:100... 2a00:1158:1000:300::1ac	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	35.190.63.234 35.190.63.234	15169 (GOOGLE) (GOOGLE)
4	54.172.220.77 54.172.220.77	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
16	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
19	146.20.132.64 146.20.132.64	27357 (RACKSPACE) (RACKSPACE)
41	146.20.128.101 146.20.128.101	27357 (RACKSPACE) (RACKSPACE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 20	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.204.53.197 54.204.53.197	14618 (AMAZON-AES) (AMAZON-AES)
6 9	3.123.110.9 3.123.110.9	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.124.119.192 3.124.119.192	16509 (AMAZON-02) (AMAZON-02)
2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
22	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
3 10	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
5	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.139.146.156 3.139.146.156	16509 (AMAZON-02) (AMAZON-02)
4	3.123.200.209 3.123.200.209	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
291	48

1 2001:8d8:100f:f000::2b9 (Germany) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

geissblog.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 104.26.4.190 (United States)

ASN13335 (CLOUDFLARENET, US)

geissblog.koeln	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.72.53 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 53.72.190.35.bc.googleusercontent.com

static.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.51.173.106 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: steadyhq.com

steadyhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.93.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-3.fra50.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:780:12e::138 (Nuremberg, Germany)

ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE)

geissblog-koeln.h5v.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.159.214.153 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li730-153.members.linode.com

cdn.recognified.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.17.116.255 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-116-255.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.51.173.91 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: steadycdn.com

steadycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.0.62 (Germany)

ASN16276 (OVH, FR)
PTR: concheck11.ct.smartaudience.biz

concheck.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.157.168 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1673-168.members.linode.com

rads.recognified.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.101 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.93.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-122.fra50.r.cloudfront.net

images.intellitxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1158:1000:300::1ac (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)

dergeissbock.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.63.234 (Mountain View, United States)

ASN15169 (GOOGLE, US)

events.apester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.172.220.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-220-77.compute-1.amazonaws.com

k.intellitxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 146.20.132.64 (San Antonio, United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 146.20.128.101 (San Antonio, United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.8 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2.18.234.233 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.204.53.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-53-197.compute-1.amazonaws.com

vast.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.123.110.9 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-110-9.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.119.192 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.108.144.214 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.159.8 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.139.146.156 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.200.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	lkqd.net ad.lkqd.net v.lkqd.net t.lkqd.net	474 KB
74	geissblog.koeln geissblog.koeln	2 MB
34	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com vid.pubmatic.com aktrack.pubmatic.com	255 KB
22	stickyadstv.com 2 redirects ads.stickyadstv.com cdn.stickyadstv.com	151 KB
11	advertising.com 8 redirects ads.adaptv.advertising.com pixel.advertising.com	7 KB
10	openx.net 3 redirects vidoomy-d.openx.net	3 KB
8	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads-eu.v.ssp.yahoo.com	8 KB
7	intellitxt.com images.intellitxt.com k.intellitxt.com	68 KB
7	apester.com static.apester.com events.apester.com	83 KB
4	springserve.com vpaid.springserve.com vid-io-cle.springserve.com	196 KB
4	privacy-mgmt.com cdn.privacy-mgmt.com	52 KB
3	emxdgt.com vast.emxdgt.com	993 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net Failed	312 B
3	googlesyndication.com pagead2.googlesyndication.com	166 KB
3	gstatic.com fonts.gstatic.com	37 KB
3	recognified.net 1 redirects cdn.recognified.net rads.recognified.net	168 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	criteo.net static.criteo.net	58 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	69 KB
2	dergeissbock.de dergeissbock.de	65 KB
2	adsafety.net concheck.adsafety.net cm.adsafety.net	632 B
1	amazon-adsystem.com s.amazon-adsystem.com	344 B
1	spotxchange.com search.spotxchange.com	1 KB
1	criteo.com gum.criteo.com
1	casalemedia.com ssum-sec.casalemedia.com	315 B
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	adform.net adx.adform.net	649 B
1	steadycdn.com steadycdn.com	131 KB
1	wp.com s0.wp.com	3 KB
1	vidoomy.com ads.vidoomy.com	3 KB
1	h5v.eu geissblog-koeln.h5v.eu	121 KB
1	steadyhq.com steadyhq.com	2 KB
1	geissblog.de 1 redirects geissblog.de	224 B
291	36

	Domain	Requested by
74	geissblog.koeln	geissblog.koeln
41	t.lkqd.net	ad.lkqd.net
20	ads.stickyadstv.com	2 redirects ad.lkqd.net vpaid.springserve.com cdn.stickyadstv.com
19	v.lkqd.net	ad.lkqd.net
16	ad.lkqd.net	geissblog.koeln ad.lkqd.net
12	vpaid.pubmatic.com	ad.lkqd.net vpaid.springserve.com blank
10	ads.pubmatic.com	vpaid.pubmatic.com
10	vidoomy-d.openx.net	3 redirects ad.lkqd.net
9	ads.adaptv.advertising.com	6 redirects vpaid.springserve.com ad.lkqd.net
7	aktrack.pubmatic.com
5	vid.pubmatic.com	vpaid.pubmatic.com
4	ads-eu.v.ssp.yahoo.com
4	k.intellitxt.com	images.intellitxt.com k.intellitxt.com geissblog.koeln
4	events.apester.com	static.apester.com
4	cdn.privacy-mgmt.com	geissblog.koeln cdn.privacy-mgmt.com
3	vast.emxdgt.com	ad.lkqd.net
3	ib.adnxs.com	2 redirects vpaid.springserve.com
3	pagead2.googlesyndication.com	geissblog.koeln pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	images.intellitxt.com	geissblog.koeln k.intellitxt.com images.intellitxt.com
3	static.apester.com	geissblog.koeln static.apester.com
3	fonts.googleapis.com	geissblog.koeln steadycdn.com
2	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
2	vid-io-cle.springserve.com	vpaid.springserve.com
2	vpaid.springserve.com	ad.lkqd.net
2	ups.analytics.yahoo.com
2	pixel.advertising.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	static.criteo.net	images.intellitxt.com static.criteo.net
2	www.google-analytics.com	steadycdn.com www.google-analytics.com
2	confiant-integrations.global.ssl.fastly.net	geissblog-koeln.h5v.eu confiant-integrations.global.ssl.fastly.net
2	dergeissbock.de	geissblog.koeln
2	rads.recognified.net	1 redirects geissblog.koeln
1	s.amazon-adsystem.com
1	search.spotxchange.com	vpaid.springserve.com
1	cm.g.doubleclick.net
1	gum.criteo.com	static.criteo.net
1	ssum-sec.casalemedia.com	geissblog.koeln
1	www.google.de	geissblog.koeln
1	www.google.com	geissblog.koeln
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cm.adsafety.net	geissblog.koeln
1	adx.adform.net	cdn.recognified.net
1	concheck.adsafety.net	cdn.recognified.net
1	steadycdn.com	steadyhq.com
1	s0.wp.com	geissblog.koeln
1	ads.vidoomy.com	geissblog.koeln
1	cdn.recognified.net	geissblog.koeln
1	geissblog-koeln.h5v.eu	geissblog.koeln
1	steadyhq.com	geissblog.koeln
1	geissblog.de	1 redirects
291	52

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
www.instagram.com
geissblog.shop
twitter.com
www.anschlusstor.de

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
static.apester.com R3	`2020-12-19` - `2021-03-19`	3 months	crt.sh
*.steadyhq.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
*.privacy-mgmt.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
*.h5v.eu Thawte RSA CA 2018	`2021-01-20` - `2022-02-11`	a year	crt.sh
*.recognified.net R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
joinsteady.com R3	`2021-01-12` - `2021-04-12`	3 months	crt.sh
*.adsafety.net AlphaSSL CA - SHA256 - G2	`2019-02-21` - `2021-02-21`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
images.intellitxt.com Amazon	`2020-11-08` - `2021-12-07`	a year	crt.sh
dergeissbock.de Starfield Secure Certificate Authority - G2	`2020-08-17` - `2021-08-31`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
events.apester.com R3	`2020-12-19` - `2021-03-19`	3 months	crt.sh
*.intellitxt.com SSL.com RSA SSL subCA	`2020-11-04` - `2021-12-05`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
ad.lkqd.net R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.lkqd.net Go Daddy Secure Certificate Authority - G2	`2019-05-13` - `2021-07-12`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.springserve.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-09-03`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh

This page contains 41 frames:

Primary Page: https://geissblog.koeln/
Frame ID: AF0A5664877F9D8F345154802FED5894
Requests: 159 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=374341&consentUUID=cbd61669-2f63-41c9-8a97-565696f568d4&requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&preload_message=true
Frame ID: 1E03EC2C63E14A9DD4CE6BF556546F26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html
Frame ID: F9609B7CA0774D263F0B8E4D68616DF1
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: A54C8A9DA5AA2E694B0BB6185F40E4B3
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: EB22A9AF3D11303D0EEA136FCDBF4D6E
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 03B82A0EC97A9E18913663FFAB8AD927
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A41C6DA8003530B5D03983109CC3BE66
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7ED1DE586919F247EF108FEE5BAA3B5B
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9B8BB9FB2302CB8A3D6D0D774466285E
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A86FD0BB2A096362E43DB0B1990332F9
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F08D3DB3D6CDD8E05804DD13F07FBD12
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C2BDF55AE9BB05B469F0D07E12318D3A
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=geissblog.koeln&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Frame ID: EBD040E1EB8839350CC0C94EE6699A67
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_9533396a.js
Frame ID: 24807976DAB4C9946D4A3D8B530531A0
Requests: 11 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Frame ID: 3A5B4435DC1F675AD5A97681CF04F918
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 52D647EC9951C7BBE51EAF68A7F7D975
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Frame ID: 8567BD6C7CBDED800DEB5B508E2613EA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D20EA7F7F8995CE313E87FC71F7C58C2
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: F0C422AA201E9D466AF7E7E9981D929F
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0A1F3D22BA6D1B5FEEE038F30F41A578
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 42823BD397E1272366DF4B2F073FF5CB
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 854620ADA3A258236262B92A4E8FF577
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A649FF565158E7E3B2964ACD46CA32EF
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F52A561B5F152C9136E88F55698B9978
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_9533396a.js
Frame ID: 0CC6CD59D54204131C31A5CD865149A4
Requests: 12 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Frame ID: 550A1E607F2DD23A08D92ED09029346D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 831F06C797977C38C5174C5C541BB344
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Frame ID: B72E32D65C4BD5A7627DF9F06A2806F6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9738EAB8D37DA8806B76834B0C119B4F
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Frame ID: EDFC86D346C0DEB4F52F2708B41F163E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AD341B772F1C3ADC56821674ED6A5D40
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 2EFC6625F06AD95DAB97256018E080D5
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 0780B34C7194FC71F0CF0BD908B703AC
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6377C0ED21E2A226D4736CBBF0F8D6B7
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 904CF21730F8000DCAD4D3ED87D389CB
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: DE109521403EE254BCFF5778F3564E86
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F568870A7FF49C9C155001B062852528
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9E401A96090072437956DEB9BCA2E418
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7B32D3B0DB5B67E7EE4BF7DCFC92F28D
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8481E6FE64143A2681C2A8970194AAEE
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 10FC786CBF098D5131A88E4636659743
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://geissblog.de/ HTTP 302
https://geissblog.koeln/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

291
Requests

97 %
HTTPS

32 %
IPv6

36
Domains

52
Subdomains

48
IPs

10
Countries

3922 kB
Transfer

10257 kB
Size

22
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Geissblog.Koeln
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/GEISSBLOG_KOELN
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCeG3hADnIChco6uOJPgil4g
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/geissblog.koeln/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://geissblog.shop/
Title: GBK-Shop

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geissblog.koeln
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/GEISSBLOG_KOELN
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.anschlusstor.de/werbekunden/leistungen/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://geissblog.de/ HTTP 302
https://geissblog.koeln/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://rads.recognified.net/cm/ HTTP 302
https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b

Request Chain 130

https://ib.adnxs.com/getuid?https%3A%2F%2Fk.intellitxt.com%2Fcsync%2F0%2Fappnexus%2F%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fk.intellitxt.com%252Fcsync%252F0%252Fappnexus%252F%2524UID HTTP 302
https://k.intellitxt.com/csync/0/appnexus/5163634086831496560

Request Chain 140

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 143

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=289940278&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VAa50acfac-665f-11eb-98b2-0687339652a0?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff

Request Chain 144

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 145

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=449471018&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VAa4fcd6a4-665f-11eb-a119-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff

Request Chain 147

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,

Request Chain 148

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,

Request Chain 185

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=907eff9e-b045-4880-a63a-0202abb8e083&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1ODQ0OS4zMjUxOTU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD05MDdlZmY5ZS1iMDQ1LTQ4ODAtYTYzYS0wMjAyYWJiOGUwODM=

Request Chain 187

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=a16d63d2-35a2-4d9b-88d1-4b6824100a9a&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1OTEyMS4wMTQ0MDQ6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD1hMTZkNjNkMi0zNWEyLTRkOWItODhkMS00YjY4MjQxMDBhOWE=

Request Chain 203

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=f31a62e4-1687-4628-b6c3-a41d2956ab0e&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3My43NTI2ODY6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1mMzFhNjJlNC0xNjg3LTQ2MjgtYjZjMy1hNDFkMjk1NmFiMGU=

Request Chain 205

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d00aa25b-f529-45b5-a7d8-521ba7f66b5b&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3NC41NjEwMzU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1kMDBhYTI1Yi1mNTI5LTQ1YjUtYTdkOC01MjFiYTdmNjZiNWI=

Request Chain 238

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1939dbfb9d5c3ac1f8c3e633901aff87&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g030_6925139391862573939 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKtvz_IozzqjpiaHKbxzcSk&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b01c49c-d453-4034-9015-86cc3479a2d3 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YBsJlgAAAJCoXFZV HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YBsJlgAAAJCoXFZV&_test=YBsJlgAAAJCoXFZV HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1f44601b-098f-4600-8e98-90833ff98e5e&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=538953412995131601 HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2776833428396175541 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/1939dbfb9d5c3ac1f8c3e633901aff87&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-q6uFQgR1lwTevzkj_LxB3Fyw0yWo7J.RZnAyr929 HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4797849&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aaab4810-665f-11eb-9da8-4b9782986078 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID

Request Chain 243

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=

Request Chain 244

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 287

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM4ZTk3N2ItMTJiOC02NjYwLTdjMjYtNGE0MmY1MTczMWYz

Request Chain 288

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,

291 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
geissblog.koeln/
Redirect Chain

http://geissblog.de/
https://geissblog.koeln/

307 KB
45 KB

211ms
170ms

Document
text/html

104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: 2a23beaf4513879e5821fff335370ee59d0175fc87e6dd8a6fabbc76bb44a9d8

Request headers

:method: GET
:authority: geissblog.koeln
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d07d69b02a5d96527cab00f0fba706e511612384652; expires=Fri, 05-Mar-21 20:37:32 GMT; path=/; domain=.geissblog.koeln; HttpOnly; SameSite=Lax
x-powered-by: PHP/7.2.23
x-cache-handler: wp
last-modified: Wed, 03 Feb 2021 18:40:58 GMT
cf-cache-status: DYNAMIC
cf-request-id: 080b36641700004c3d43874000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V47l8Xpu2uBPIK%2BwOetn%2BqNTF9LSZAcUoLNJdjs3hRP%2BHI0qUrx%2BX8I91jsrgpt%2BWxlj9xezES5sfJOzbycjOa4raondLJJfMUc4v4HCEBA%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 61bef34cfbdc4c3d-AMS
content-encoding: br

Redirect headers

Content-Type: text/html; charset=iso-8859-1
Content-Length: 207
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 03 Feb 2021 20:37:32 GMT
Server: Apache
Location: https://geissblog.koeln

GET
H2 200 css
fonts.googleapis.com/ 1 KB
548 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,600,800

Requested by

Host: geissblog.koeln
URL: https://geissblog.koeln/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0f4831384e5f952f5be620c856801cbe0f152c7d7e73dedb1716f68ca2a49ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 20:37:32 GMT
server: ESF
date: Wed, 03 Feb 2021 20:37:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 20:37:32 GMT

GET
H2 200 style.min.css
geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/css/ 7 KB
1 KB 46ms
41ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/css/style.min.css?v=0.9.2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8bb2546a86dec43e711b8fa1cc7c58e3cc1bebdd80ccaa96dad4332e7ef27a

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 14:07:55 GMT
server: cloudflare
age: 1621
etag: W/"1a61-5af0a3612f356"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P%2B5wMAiNew%2F%2BlNcW9h%2FFBYTfPIThB5CqDe0VDNEjW04zJF%2Fxcvevtv9cscZtCf88iFAEZCTpXFtBTOFnKmBJqw%2BvCq2iXCH1z78n55p4ydw%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e1f554c3d-AMS
cf-request-id: 080b3664cb00004c3de7048000000001

GET
H2 200 bs.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/bs/css/ 29 KB
5 KB 40ms
35ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/bs/css/bs.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd347f2e729a461cbb7297358ce65ae9f7bce3d5b3103173d016c532b281d7b

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2920
cf-polished: origSize=29338
cf-request-id: 080b3664cb00004c3d18360000000001
last-modified: Fri, 15 Nov 2019 23:29:58 GMT
server: cloudflare
etag: W/"729a-5976af9e74a61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6%2BIkKpXpwjLd10xgMjBSSuEFCWooMnc%2FGC2TPQ3jXOjvqUto6gpkaNRXcBBMUp9EeDgSISbVSU53Yr1mAaMBs5ZkSP8sz6UlPIrebeLyt1s%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e1f574c3d-AMS
cf-bgj: minify

GET
H2 200 flat-ui.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/css/ 28 KB
5 KB 44ms
39ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/flat-ui/css/flat-ui.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b91b31467145ea200a71c5a17d4f43c93cb5b51af4af31c9a7fa0771f2ee8e

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2920
cf-polished: origSize=29185
cf-request-id: 080b3664cc00004c3df5076000000001
last-modified: Fri, 15 Nov 2019 23:29:59 GMT
server: cloudflare
etag: W/"7201-5976af9f469bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z45p0RC%2F0jb9M0ybMnlKqz9xeRv5zvh77GGI7U3ZaOerxyU3aZ6d%2BA5yZ6vUDAF2AZQDW3gWZfcFx%2B4LzgU8No6PBohMQlluFU6I%2BJoBbPg%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e1f584c3d-AMS
cf-bgj: minify

GET
H2 200 zocial.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/zocial/ 41 KB
21 KB 29ms
24ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/zocial/zocial.css?ver=2.9.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9c1685d5ae2a28a30ce5298102d94630cf547a1bc10427756a05c934476f18

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2302
cf-polished: origSize=46958
cf-request-id: 080b3664cc00004c3d00a96000000001
last-modified: Fri, 15 Nov 2019 23:30:09 GMT
server: cloudflare
etag: W/"b76e-5976afa93419f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=89lBqqzjY3iMAsXy4nHhcImLS4ADdTNkMriV3LkD3lwtcJ5AxNd1wyDtrZIkf9CCehT6dGODCq6LvU%2B%2F6kPL8%2BJepFk%2B1FYKz8LY3ligQb0%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e1f5a4c3d-AMS
cf-bgj: minify

GET
H2 200 ppcore.min.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/ 23 KB
4 KB 47ms
42ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/ppcore.min.css?ver=2.9.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4353bb5413e2671ebae1e8ab407a4279f471932ac64a582ce8f14dcf18d20b2

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Nov 2019 23:30:06 GMT
server: cloudflare
age: 2535
etag: W/"5cc8-5976afa5a0940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vBmzQxv8KJId4q7qdPbKGXLwZisgLkvFpmBz1ENb2rr9qk655HqlWbnToGFmD1176eFCKIwoC6%2Bi9VnwszHMFzWIcWXtpSd58tIeku2wG8o%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e1f5e4c3d-AMS
cf-request-id: 080b3664cc00004c3d16b6a000000001

GET
H2 200 font-awesome.min.css
geissblog.koeln/wp-content/plugins/profilepress/assets/css/font-awesome/css/ 23 KB
5 KB 27ms
22ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/css/font-awesome/css/font-awesome.min.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Nov 2019 23:30:03 GMT
server: cloudflare
age: 2920
etag: W/"5cbb-5976afa38ecb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qSPY5%2FU50sp24VVGcyW%2BphIGsyEyMaiisLcDS4dmVSVhHtXRil4LVGc7o8kT6szH1AdrJi5aJ4wtDg7iCxv4Gx0fuznjL0nkfC6y%2FtYgc1w%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e1f644c3d-AMS
cf-request-id: 080b3664cd00004c3d4e3f9000000001

GET
H2 200 chosen.min.css
geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/ 11 KB
2 KB 42ms
38ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/chosen.min.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76a875a6a7dd0a8e9f41d7bd5fe385740b81de4c2863c3ace33680de52c1aa3

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Nov 2019 23:29:56 GMT
server: cloudflare
age: 2920
etag: W/"2b34-5976af9ce9248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DMmudoViQKVHHjFkm5DiExE6ESsbpp5cb0uMStrMsXBDBLMA7DLvHcFpX945aB%2BycPz7q7jdMBr251ion6WsIGDHn2xrlYN3ysIwIXUFTrs%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e1f674c3d-AMS
cf-request-id: 080b3664cd00004c3dfb351000000001

GET
H2 200 wpp.css
geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/css/ 391 B
524 B 77ms
73ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.2.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2920
cf-polished: origSize=1509
cf-request-id: 080b3664cd00004c3d200fc000000001
last-modified: Thu, 10 Sep 2020 22:12:16 GMT
server: cloudflare
etag: W/"5e5-5aefcdc6a6275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=25yQuljGIp8Tpls7iylaR4hU2VpYplzr2%2Fb3F15m4yzUjfihj8n3o%2BM76FIfgglr0JV5qnFL07tQoR8pfn3qqG6zZU7RRPPKbB%2FUe%2F7osGI%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e1f6a4c3d-AMS
cf-bgj: minify

GET
H2 200 style.min.css
geissblog.koeln/wp-content/themes/enfold-child/assets/css/ 36 KB
5 KB 55ms
51ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74001dbc57074e4f66703a182f03f607140065647c5a3a3658746157d86b42e3

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2020 12:58:56 GMT
server: cloudflare
age: 2952
etag: W/"90cf-5b1144747775f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lccZq3uvTt%2BxWnaY7jzabPtbBXhlWpQEu65wpOTEJ7EeJ3Owzvz6J62rMxACusYYFwOrwlBv0q8cyHqT5nWJhz8MLFOOlZvX5nsguCPKg88%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e1f6c4c3d-AMS
cf-request-id: 080b3664cd00004c3d1123d000000001

GET
H2 200 grid.css
geissblog.koeln/wp-content/themes/enfold/css/ 6 KB
2 KB 46ms
43ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/css/grid.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0407ab8c80d6b6d290c06dbc87a0fc3f8a48733e3f68384ff461274beae72b77

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2302
cf-polished: origSize=9488
cf-request-id: 080b3664ce00004c3d08863000000001
last-modified: Tue, 15 Aug 2017 18:47:11 GMT
server: cloudflare
etag: W/"2510-556cf35008e9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M1vVqO%2B1RRtAHZCzLz7818pAxxW1xOeib%2FrO1oSsmthyqb8AuecrWw7D0JTghJIJkc%2FfyOAu1VboVogpCOoNmlHQdQPtmBydQliv7QL1ogw%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e1f6e4c3d-AMS
cf-bgj: minify

GET
H2 200 base.css
geissblog.koeln/wp-content/themes/enfold/css/ 11 KB
3 KB 68ms
65ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/css/base.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57941f510bd6902f2b0f4aa1668ab8cccb87229bd9f4e49994de6e47f51e12c6

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2535
cf-polished: origSize=14862
cf-request-id: 080b3664d800004c3d38149000000001
last-modified: Tue, 15 Aug 2017 18:47:10 GMT
server: cloudflare
etag: W/"3a0e-556cf34fe6bba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ZLlHpAloONZtGjAqWK9UYhv%2BGk3Qx0Bea6hIap10nW%2BFrlFYFIehX3ckTaa780BFIbVPO4Lc%2B36hpYyK8y4IWFEC%2FeWedN1qI3tWp884V4%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e2fa44c3d-AMS
cf-bgj: minify

GET
H2 200 layout.css
geissblog.koeln/wp-content/themes/enfold/css/ 96 KB
17 KB 55ms
52ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/css/layout.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad585fea5d77cebd31725e9e17719d38c5c45c6dbbd32372f81204cf88321b45

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2535
cf-polished: origSize=116597
cf-request-id: 080b3664d800004c3df634d000000001
last-modified: Tue, 15 Aug 2017 18:47:11 GMT
server: cloudflare
etag: W/"1c775-556cf3504d45c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ldz9bhDCHZNxKzgbu86xmWyfj2dye0YL1wER6ZLiJFTpyfsADo%2BXNyvaofE3skky8O2z%2BQPOySUoHbHfQxSKCCRcx7SPdMq3Eb2jjBqDt1M%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e2fa54c3d-AMS
cf-bgj: minify

GET
H2 200 shortcodes.css
geissblog.koeln/wp-content/themes/enfold/css/ 148 KB
25 KB 69ms
67ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/css/shortcodes.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309c6e8ef5c13a765026d4bccc5bfae616174d9df2b559ae8ea63302035c40c1

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2535
cf-polished: origSize=189730
cf-request-id: 080b3664d800004c3d13015000000001
last-modified: Tue, 15 Aug 2017 18:47:11 GMT
server: cloudflare
etag: W/"2e522-556cf3509dd6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VVPJVhyy6UD9Muq89Kq4l9R%2FV3xHN%2BjbMf8YF7MheKhXT5cBDW2IWEQaX2MRm43fJ5%2Fb12sPRuvM%2Bo4EZPYz6YwLY4iTS52GVPCV86CGykw%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e2fa84c3d-AMS
cf-bgj: minify

GET
H2 200 magnific-popup.css
geissblog.koeln/wp-content/themes/enfold/js/aviapopup/ 6 KB
2 KB 73ms
70ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/js/aviapopup/magnific-popup.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903487e9cdcdedbee737f80e2b8f44078441ad98ff1ceea9a8c974945e9e567a

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2535
cf-polished: origSize=7640
cf-request-id: 080b3664d900004c3de98fc000000001
last-modified: Tue, 15 Aug 2017 18:47:47 GMT
server: cloudflare
etag: W/"1dd8-556cf372eb9cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LW%2BUZF1h%2FH0rSC4FHMsgQ9U9eCSrRSvyLJtbsOCuF9jafn5tek5tQ1hap1AXxrPGn6QqXeeprTLudzU4IUBLAWuBZPo7oKXjl6r4Nayioa8%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e2fa94c3d-AMS
cf-bgj: minify

GET
H2 200 mediaelementplayer.css
geissblog.koeln/wp-content/themes/enfold/js/mediaelement/skin-1/ 15 KB
3 KB 46ms
44ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/js/mediaelement/skin-1/mediaelementplayer.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0e982047bf2356b38e7edf3ec5004a739f80feaa98c398d85fb52b8b8f5dbc

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2535
cf-polished: origSize=18247
cf-request-id: 080b3664d900004c3de6a5e000000001
last-modified: Tue, 15 Aug 2017 18:48:28 GMT
server: cloudflare
etag: W/"4747-556cf39a4273d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yiy5Pg0VeZNOXAcgZykWAnfvrVXbyDJf4VYkFcClfLo%2BOTS37DaF2jWbejaTNvA1dZptcOvDJOhcGtwpvvZ%2BbTDzJYJ%2Bu%2BDILPnREsmleDo%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e2faa4c3d-AMS
cf-bgj: minify

GET
H2 200 custom.css
geissblog.koeln/wp-content/themes/enfold/css/ 84 B
419 B 45ms
43ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/css/custom.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6706ad7dab8c9155c0f17f80b6fc3684c2b453c8e2c72f7e19eeb7e74700346

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2302
cf-polished: origSize=707
cf-request-id: 080b3664d900004c3d4e3fb000000001
last-modified: Tue, 15 Aug 2017 18:47:10 GMT
server: cloudflare
etag: W/"2c3-556cf34fda86a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLP8KRJhu8IxATr7sOhrIEvtokv9FvgvDpkyi2C5hO6Xcdn3oT8pKbMIDXtj%2FLGXzvpe8qhUDF51aPAsnPqC3ZLP5OP9OeTc3Jj6eGs4v7A%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e2fad4c3d-AMS
cf-bgj: minify

GET
H2 200 style.css
geissblog.koeln/wp-content/themes/enfold-child/ 0
335 B 46ms
44ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold-child/style.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2535
cf-polished: origSize=267
content-length: 0
cf-request-id: 080b3664d900004c3d5387b000000001
last-modified: Wed, 07 Oct 2020 12:59:01 GMT
server: cloudflare
etag: "10b-5b114478e443f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vgwUaPbLjF4Y8Ti80NxN9gKmTB7s3Uj0CERyhPWiD4lXLvK6Y7eR7eneHfTqrMSMpNmESDDqF4ahP4%2BpbqNgPUCZlOTs%2B00WxtgnLbWJyUQ%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34e2faf4c3d-AMS
cf-bgj: minify

GET
H2 200 jetpack.css
geissblog.koeln/wp-content/plugins/jetpack/css/ 72 KB
12 KB 73ms
71ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/jetpack/css/jetpack.css?ver=7.1.2
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c4cee8f7b246b0ff524dee98d373fed410980244cbae7b996b816d80eb080ff

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2302
cf-polished: origSize=73791
cf-request-id: 080b3664da00004c3ded8e3000000001
last-modified: Sat, 23 Nov 2019 10:44:28 GMT
server: cloudflare
etag: W/"1203f-5980136fa3672"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UR6NDFh5Naz%2FX6mS8HMvhggpzNrbF0TTgQy6uZIF3MHrB9iZoUGWDmEkZom%2F467n6l04%2FgYb%2Fe7LBbn44ojyoK6KGd5TjqdntVitJm6Hl9c%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34e2fb24c3d-AMS
cf-bgj: minify

GET
H2 200 script.min.js Show response
geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/js/ 0
293 B 51ms
49ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/geissblog-match-reviews//assets/js/script.min.js?v=0.9.2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1743
content-length: 0
cf-request-id: 080b3664da00004c3df0265000000001
last-modified: Fri, 11 Sep 2020 14:07:55 GMT
server: cloudflare
etag: "0-5af0a361898a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9sX7WBkhd0z8M6AJA6C1LkSoehJ1DQJ4oHZXZfdarbr4k55kP%2F2GKB2pNCA0OMZsb5wRDA2lgRQimhSDDSMpjuliDrNC%2BOzSy2ya6mNqCZE%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34e2fb34c3d-AMS

GET
H2 200 apester-javascript-sdk.min.js Show response
static.apester.com/js/sdk/latest/ 249 KB
79 KB 69ms
16ms Script
application/javascript 35.190.72.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.53 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.72.190.35.bc.googleusercontent.com
Software: nginx/1.19.6 /
Resource Hash: 879e3af6287043464e0fcf6d609b1caebe514923a4a4e2ca2d79bd8ee719dbc9

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:23:24 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 11:14:26 GMT
server: nginx/1.19.6
age: 848
etag: W/"5ffd8492-3e3e5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: public,s-maxage=942,max-age=942
content-encoding: gzip
alt-svc: clear
content-length: 81101

GET
H2 200 jquery.js Show response
geissblog.koeln/wp-includes/js/jquery/ 95 KB
33 KB 52ms
49ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2920
cf-polished: origSize=96874
cf-request-id: 080b3664da00004c3d1294b000000001
last-modified: Thu, 05 Sep 2019 05:55:24 GMT
server: cloudflare
etag: W/"17a6a-591c7f7c1856c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Z%2FwhijNM0VBggMt089yoxPsVvk3QbF%2BputOMvWHy0GHBWpEt6rks8rRwazqfIHGxXwes60XHITNw2KYTaGUME7hL7PV5RbMicpYzdAhLM4%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34e2fb44c3d-AMS
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
geissblog.koeln/wp-includes/js/jquery/ 10 KB
4 KB 41ms
38ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 17:37:57 GMT
server: cloudflare
age: 2920
etag: W/"2748-556ce3d679ae1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1axhHvqIh4BJkUqfNdBXJsbSAgqWNy%2F%2B7ZKCmtxHJfM3kt2noNuq%2FICXAaFz3vRj%2FJqVYVMltvBb2eaOWA0xoRz5%2FrRcDMLoRXR%2FUG03QEU%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e2fb54c3d-AMS
cf-request-id: 080b3664da00004c3d46882000000001

GET
H2 200 zxcvbn-async.min.js Show response
geissblog.koeln/wp-includes/js/ 324 B
497 B 38ms
35ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e1e85997f799693c71ee1ad64cbfb6ca48d4c1f2f9961d79e27b05261110be

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 17:37:38 GMT
server: cloudflare
age: 2302
etag: W/"144-556ce3c54cb0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=adE5YpqWiXKAC4kjYK3HL1HIUvqzQSVi8p5CvKDUca5Ec%2BU0jSvSEB2NJ8aQeJh9HQZ8cX876M8qed3s7Sk6SpTGaef6o%2ByH%2Fh4f9V7qZo8%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e2fb64c3d-AMS
cf-request-id: 080b3664da00004c3d3f19a000000001

GET
H2 200 bootstrap-filestyle.js Show response
geissblog.koeln/wp-content/plugins/profilepress/assets/js/ 7 KB
2 KB 49ms
47ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/bootstrap-filestyle.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bdfbfff7a24bc7dc4735a7aa4872a98cd780506db5b896abba8b21df4bec236

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4542
cf-polished: origSize=12249
cf-request-id: 080b3664db00004c3d2f28e000000001
last-modified: Fri, 15 Nov 2019 23:30:18 GMT
server: cloudflare
etag: W/"2fd9-5976afb151ba9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IqJhqk3jZ6IInZ0p%2FQR%2FFYWE7RbKyWds%2Fp7vA41XmT6a4EGmNGMtPP8%2FMYVAMO32%2Bj85vzEZSrujK9cfiRyjworFHWeauzOAyZp6kUbdlrM%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34e2fba4c3d-AMS
cf-bgj: minify

GET
H2 200 jcarousel.js Show response
geissblog.koeln/wp-content/plugins/profilepress/assets/js/ 19 KB
6 KB 42ms
40ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/jcarousel.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c38f9bba09e4a90a4e66ae16f97f374723520be8f99c5d1c22279526d856f92

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2920
cf-polished: origSize=28627
cf-request-id: 080b3664db00004c3df2a93000000001
last-modified: Fri, 15 Nov 2019 23:30:18 GMT
server: cloudflare
etag: W/"6fd3-5976afb1c6ea7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MeP5QPoRvUGqOWdYyhRpE9QIXR5w3krQM34DggSQXm5wlVUjySHXwEksDHkTxft6Si7HPdTInkGeJdGbRBJVohPJujSHuqDyFRG2qRr6oa8%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34e2fbd4c3d-AMS
cf-bgj: minify

GET
H2 200 sweetalert2.min.js Show response
geissblog.koeln/wp-content/plugins/profilepress/assets/js/ 11 KB
4 KB 65ms
63ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/sweetalert2.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356d3bf6231d3e130d390c9c92767564fa1dfc9466ba800199daf931284b5294

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Nov 2019 23:30:19 GMT
server: cloudflare
age: 2920
etag: W/"2bfd-5976afb20b465"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BGYeneM7dmehrm%2FmLzv3CB2%2BJzhzICWsxdyphHr%2FDK4nR1ZfZyFosS6rcM8qP%2FtqG4z0UcsT4AazUq92YkJFRSty9M3yw6vRwGOCaXPS5rE%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e2fc04c3d-AMS
cf-request-id: 080b3664dc00004c3def828000000001

GET
H2 200 chosen.jquery.min.js Show response
geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/ 28 KB
7 KB 48ms
46ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/chosen/chosen.jquery.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e10b02b411e6feee2ea5027b0fa2225421394d9c574d68c35a2669f5ecd625

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Nov 2019 23:29:56 GMT
server: cloudflare
age: 2920
etag: W/"6ef0-5976af9cd80d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6zOup7N7Nk5IdTsEsUK6AHbor3Nz4HebuA%2FKnHO54i5Ev1OzLXR70mlqkK82cNRPPDNK%2FqTlpylRRgW20DDZcj9FbUbCw%2FDCyEguKwFSKCw%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e2fc14c3d-AMS
cf-request-id: 080b3664db00004c3d1a862000000001

GET
H2 200 a370d996-53cd-4f31-966f-8bce5607b9d2 Show response
steadyhq.com/widget_loader/ 4 KB
2 KB 104ms
50ms Script
application/javascript 92.51.173.106
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://steadyhq.com/widget_loader/a370d996-53cd-4f31-966f-8bce5607b9d2?ver=1.1

Requested by

Host: geissblog.koeln
URL: https://geissblog.koeln/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.51.173.106 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

steadyhq.com

Software

Cowboy /

Resource Hash

0e1f00865632f19af5b67c4364aacef74cedc04f10a0fe31a8cb72a705bcecc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: gzip
server: Cowboy
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 1821
x-request-id: FmBXTHlZOLsK-x8BqrSi

GET
H2 200 wpp.min.js Show response
geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
1 KB 53ms
52ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.2.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Sep 2020 22:12:16 GMT
server: cloudflare
age: 2920
etag: W/"a3a-5aefcdc6a3b65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FAaOyHV9HL%2F4rdEpqw2i505jQlHj3uX%2FEhQdWnxJhtbLTzHEiRGCJP8JYP3aZ88TYg3nLJBjRNUOgwd5hn8utHURjv%2B8gbz4AJ8%2FOyV7xuI%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e2fc24c3d-AMS
cf-request-id: 080b3664df00004c3df0267000000001

GET
H2 200 avia-compat.js Show response
geissblog.koeln/wp-content/themes/enfold/js/ 1 KB
908 B 63ms
62ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/js/avia-compat.js?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2413aceda6dd8ed85aee246a26889c17cdfaf2347e673f84915cd9025a54ca4

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2502
cf-polished: origSize=2106
cf-request-id: 080b3664dc00004c3d00a98000000001
last-modified: Tue, 15 Aug 2017 18:47:13 GMT
server: cloudflare
etag: W/"83a-556cf352db926"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y6IZQWnT8R%2FzILeNzW3VhDDzptVjX5QbpSKcaapnT0AtCPJnu5l2oIuicSkaZgQCyFuiCrFnpZbaZ76uA2LB0OHx1p3ETI5G3tKWVm3y5iI%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34e2fc34c3d-AMS
cf-bgj: minify

GET
H2 200 mediaelement-and-player.min.js Show response
geissblog.koeln/wp-includes/js/mediaelement/ 153 KB
35 KB 57ms
56ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69aff18e54732eae1bb02c82d045c33f45675b017ba6dfdade80ab63a8e26bc5

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 May 2018 23:11:38 GMT
server: cloudflare
age: 2920
etag: W/"2638f-56cfbc606a8b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wCDkSmCZMbbmBgHtrjITwbS68iKiJgqofC9sxjPvlkzoLlK2mrru7AjIvi7Ww%2FBfEycBGvfjm0w2%2FHZuAs49yOqXNxs1oiSmLUL7725XeZg%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e2fc44c3d-AMS
cf-request-id: 080b3664dc00004c3d0b055000000001

GET
H2 200 mediaelement-migrate.min.js Show response
geissblog.koeln/wp-includes/js/mediaelement/ 1 KB
796 B 63ms
62ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a8bf1f2a5d494feca74153daf9a45952a3258b43a93d94f059fc6134650d84

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 May 2018 23:11:38 GMT
server: cloudflare
age: 2920
etag: W/"4a9-56cfbc606a8b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5su9AiDxUiHGp5s5L6B44kp0ZO6MohWMLOcDcwRwfulKqz%2F3FkiNFfXoQdsqC%2BvXfphnro%2BXTOb12d7f0IN8oGI4IFXoG2UZ2t2yPbJPA%2Fk%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34e2fc74c3d-AMS
cf-request-id: 080b3664df00004c3d13017000000001

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/ 148 KB
43 KB 93ms
34ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b2ee61bcca53f60642717b52fbd8c07d37d0cd5459d9601abafe9ae10ab2c18

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:35:26 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 21:40:41 GMT
server: AmazonS3
age: 127
etag: W/"f093ddcade67ece03b6676d9c8231c9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lguGyvFQ3xsipvlM99zXk2XnLZb9TDi7NxAI-NW2WhEHIxM8KAKTqg==

GET
H2 200 moli_1b3bbe6a932b0ee85d2f.js Show response
geissblog-koeln.h5v.eu/36/ 345 KB
121 KB 50ms
16ms Script
text/javascript 2001:780:12e::138
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://geissblog-koeln.h5v.eu/36/moli_1b3bbe6a932b0ee85d2f.js

Requested by

Host: geissblog.koeln
URL: https://geissblog.koeln/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:780:12e::138 Nuremberg, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

Software

Resource Hash

e72d3ff191082ad0628ef5b8e82e7754a15206fa10c3ff75700c3fafc2b59db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
via: 1.1 linkerd
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=315360000,immutable
strict-transport-security: max-age=15638400
accept-ranges: bytes
content-encoding: gzip
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK rd.loader.php Show response
cdn.recognified.net/ 167 KB
167 KB 91ms
40ms Script
application/javascript 85.159.214.153
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.recognified.net/rd.loader.php?pub_id=246
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.159.214.153 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li730-153.members.linode.com
Software: nginx /
Resource Hash: 5808873c15670e85f2a4c28425e35afdf1f28e9d13468907b13716099d290e4b

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK geissblogkoeln_6497.js Show response
ads.vidoomy.com/ 3 KB
3 KB 350ms
119ms Script
application/javascript 3.17.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/geissblogkoeln_6497.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.17.116.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-116-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 42c695d173da802764ab3a8cafc72dc7e0e6aa9a1267f27c58b354419f19089b

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:32 GMT
Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 2924

GET
H2 200 wp-emoji-release.min.js Show response
geissblog.koeln/wp-includes/js/ 12 KB
4 KB 48ms
40ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/wp-emoji-release.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Aug 2018 05:55:20 GMT
server: cloudflare
age: 2301
etag: W/"2efa-5728192ac1904"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eg2VEj2qV2DcCV7D5V55oNIRj4jawuAIjg5uzNxn9zBMcTpJyePane6sUfXdtnnHiwGzkJdbn1Qs305X%2F%2F%2F3Nw7YhPfxebDDyQx24OvJ%2FCk%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f5b034c3d-AMS
cf-request-id: 080b36659700004c3d1d2c5000000001

GET
H2 200 print.css
geissblog.koeln/wp-content/themes/enfold/css/ 3 KB
1 KB 72ms
67ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/css/print.css?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4886c60ad92f6025d6f745334953547a5537a9c390eb9dd6cd3b6ad8d7b8e7af

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2301
cf-polished: origSize=4605
cf-request-id: 080b3665a200004c3df79fe000000001
last-modified: Tue, 15 Aug 2017 18:47:11 GMT
server: cloudflare
etag: W/"11fd-556cf3504110c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PfUHVUwYqD18ULy%2FxurW9H4hAbDA6MizCIB6BSfeXQk%2FXGPF6OuxiJIyKpqFoXT%2FZObIPq0QLrO3sMvuzQ2wSCCNAU6Dd34cmSk%2B2QR6hW4%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34f6b364c3d-AMS
cf-bgj: minify

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
693 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i

Requested by

Host: geissblog.koeln
URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

951a46f57bbcd40e1af08b7f7a6d4099abfc7e2934be2393540543a5f8a316c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 20:31:44 GMT
server: ESF
date: Wed, 03 Feb 2021 20:37:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 20:37:32 GMT

GET
H2 200 jscripts.php Show response
geissblog.koeln/wp-content/plugins/wp-spamshield/js/ 783 B
1 KB 130ms
127ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/wp-spamshield/js/jscripts.php
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: 1567c856cddcbb3c01d32df57a1c18e1cfc5aed6633cf3e2cb36d6d32fa351d3

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.23
surrogate-control: no-cache, must-revalidate, max-age=0
content-length: 512
cf-request-id: 080b36651000004c3d121a3000000001
pragma: no-cache
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *,Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D4PiZ0mJ8tyCE6WbJu7F2ecz%2BeT%2BGrp%2F7yEl2SN6zaB4wO4mIyElvPhPYXqImrj%2B1onLbneNVImM9YTmmsatPsZP0uteD9y4aoXh2s5d0ag%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0, no-transform
cf-ray: 61bef34e888f4c3d-AMS
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo-notext.png
geissblog.koeln/wp-content/uploads/2018/08/ 129 KB
130 KB 34ms
26ms Image
image/png 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2018/08/logo-notext.png
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a9d24387fd6ecf7a0f2d411c84c5ee6f6715e262044b7df6a443e43d80a2f4

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4777
content-length: 132242
cf-request-id: 080b36659700004c3d3c85b000000001
last-modified: Fri, 17 Aug 2018 14:46:40 GMT
server: cloudflare
etag: "20492-573a2a09f84e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TFjBFgdFUMBzXHL77Kw%2Bi5G9iH00pVvLtbBjvj1mHFnynOyDlV%2FKYooWH2Axyb2D4jiVS7AgXBBgtHDAbAjv1g87hle%2B77vARVHFY4f%2BgcA%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f5b054c3d-AMS

GET
H2 200 _Anschlusstor_Logo_neu_grau_gr%C3%BCner_Ball.png
geissblog.koeln/wp-content/themes/enfold-child/assets/img/ 30 KB
30 KB 45ms
37ms Image
image/png 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/img/_Anschlusstor_Logo_neu_grau_gr%C3%BCner_Ball.png
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ffe55ff97371b9d4206e62591610875ef833cc3fce2ebf0c18a7971c480d30b

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1931
content-length: 30414
cf-request-id: 080b36659700004c3d20116000000001
last-modified: Wed, 07 Oct 2020 12:58:57 GMT
server: cloudflare
etag: "76ce-5b11447494c1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6xq52oUUIPoyfaQaun%2BKiKrQ8rZIMQnVgGcr6xkrNbih%2B9%2F8UsYJLQKPHlAzYVDZFjH82CKr93MLGJfpifvUmgOWFl%2FJ1HCxR%2Bjz%2Fr4RLQ8%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f5b064c3d-AMS

GET
H2 200 _Anschlusstor_Logo_neu_wei%C3%9F_gr%C3%BCner_Ball.png
geissblog.koeln/wp-content/themes/enfold-child/assets/img/ 30 KB
30 KB 33ms
25ms Image
image/png 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/img/_Anschlusstor_Logo_neu_wei%C3%9F_gr%C3%BCner_Ball.png
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2926fe86c2990ffa67121178b0089226921b152eb6951b77517835a3d79804cd

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1931
content-length: 30371
cf-request-id: 080b36659800004c3d4e00f000000001
last-modified: Wed, 07 Oct 2020 12:58:57 GMT
server: cloudflare
etag: "76a3-5b114474f187b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yfpoCdDcVn2J9jFxMaSKG1Qq5I%2BpCBFLkCgz3pJE7567z0OZH6o49gqAw4ZjEt15hmdGPjPItpUljoPet%2BkkWoXPJ6CC9uqTidusdK32dZI%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f5b074c3d-AMS

GET
H2 200 live_pokal-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 50 KB
50 KB 42ms
34ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/live_pokal-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb9d8dee3132f6ed929ada15bde551fb14556bc70d106865c67df1e910c1991

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6964
content-length: 50973
cf-request-id: 080b36659800004c3d12962000000001
last-modified: Wed, 03 Feb 2021 10:31:08 GMT
server: cloudflare
etag: "c71d-5ba6c15c823a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AAPGgIVKNIN9d1H%2Bz9jTFrh99VdLhLldK0DN2FWDnsKdF74jGAAg80sYtvDLREJ%2FBaE7EcoLTYJmjnZt0%2BY6%2B9ijy9dSQGHhjJXkaC%2FdDIA%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f5b084c3d-AMS
cf-bgj: h2pri

GET
H2 200 wolf-wehrle-sauren-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/ 42 KB
42 KB 77ms
69ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/01/wolf-wehrle-sauren-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492e3c52a7dca7a3e295d9e9222dd92aa6953330879b5cd47ad1507ef1e17742

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2743
content-length: 42669
cf-request-id: 080b36659800004c3d2f2a0000000001
last-modified: Fri, 08 Jan 2021 09:11:53 GMT
server: cloudflare
etag: "a6ad-5b85ff2887f8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6XicPc3kkVI0wYxc7vF7lNNqnpX%2B7W0m0juDS3MTuiXokJ2XUTpJ0Zy3rKhoeMqzWBqLCE9OrwL1tFEhKt3H1pe%2BPk9A%2FMDaCov%2Bjv3fe%2Bs%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f5b0a4c3d-AMS
cf-bgj: h2pri

GET
H2 200 esser-vorstand-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 49 KB
49 KB 50ms
42ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/esser-vorstand-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d14d95bf869a40690d57037a66c664c7b14dc0bcf21afa9a6b1695a01ad3b56c

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1658
content-length: 50094
cf-request-id: 080b36659800004c3d121af000000001
last-modified: Wed, 03 Feb 2021 11:50:21 GMT
server: cloudflare
etag: "c3ae-5ba6d311d7943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u56bl42PnWFWGtj%2BWO6P%2B6wpnm5i73ACTlOSHqJoDlwFOzD969MIP%2FixVxDjNi76nFD3hwYs06VK51FQws%2F5T67DOl5IYTJtLCqj1xr6RuQ%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f5b0b4c3d-AMS
cf-bgj: h2pri

GET
H2 200 newsticker-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/ 25 KB
25 KB 77ms
70ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/01/newsticker-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe2418b9b19b1e77e916cd81a422923b3dc6d15b5825c28579aef52daee4975

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5874
content-length: 25699
cf-request-id: 080b3665a000004c3d51b12000000001
last-modified: Tue, 26 Jan 2021 13:21:00 GMT
server: cloudflare
etag: "6463-5b9cd8691cbaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TO4F%2F0FZUKW%2BsLvG0HYOPRWte%2FCEA3eSqhCu%2F8y9%2BblI%2FJOn6aCPmdQPSAtZLzgmzo3Bh0VIj3Dv1DdETLD2prTOlAsDE%2FsuAWXiZSsIazw%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b1f4c3d-AMS
cf-bgj: h2pri

GET
H2 200 einzelkritik-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/ 52 KB
53 KB 71ms
63ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/01/einzelkritik-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5057c879e4c611b8884e0d731a2a099e0056e6b29d6c9c94e815b25f58b4e7

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2386
content-length: 53421
cf-request-id: 080b3665a000004c3df2aaf000000001
last-modified: Sun, 31 Jan 2021 21:17:41 GMT
server: cloudflare
etag: "d0ad-5ba38c481be1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lfraB%2F9ocv4yl4RVmjBBfikA0m8APP38xfWCBq0%2BgsRE5AnfdACcMhbzvkymRJ2ZhMGuAk10dGoZNbsyGdYXKV6FeI%2BSRLjU52nApff7qHA%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b234c3d-AMS
cf-bgj: h2pri

GET
H2 200 20201222-BUC-fckoelnpokal-129-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 46 KB
46 KB 50ms
43ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/20201222-BUC-fckoelnpokal-129-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc7de5018528ebe122169cc075f7ccabeed2b115444e919f2f3288b8dfaebd3

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5006
content-length: 46658
cf-request-id: 080b3665a000004c3d32875000000001
last-modified: Tue, 02 Feb 2021 09:46:55 GMT
server: cloudflare
etag: "b642-5ba5759d4b4e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p4IoJnUv5MVALijx4UmKJg%2BtW6gKUvcCHj%2B7cjwhko8Ip3aSLyBvluyo1tTS4kYRV1GlY8xUqntBUmee2pC5qrIMxow4Bn6%2FHKcRC8uyNYE%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b244c3d-AMS
cf-bgj: h2pri

GET
H2 200 20210114-BOP-trainingfc-010-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 56 KB
56 KB 65ms
58ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/20210114-BOP-trainingfc-010-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d681a6179deb9541b37359c50e079cd1b2f7915c7fa9bc60baf52410ad722551

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3819
content-length: 57316
cf-request-id: 080b3665a000004c3d3c85c000000001
last-modified: Tue, 02 Feb 2021 17:13:44 GMT
server: cloudflare
etag: "dfe4-5ba5d97bd441f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z%2BtKSlTPmj597zFmUPvm%2Bms%2BIUhTQNRqdxcZaNA6QVWxCayVRIzU26TIpvMH0RDDJdK%2FAVYjouQSpEsbEHJI1Q%2BhqqllERqVNQu38nKWauw%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b274c3d-AMS
cf-bgj: h2pri

GET
H2 200 20210130-BUC-fckoelntraining-108-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 41 KB
41 KB 64ms
58ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/20210130-BUC-fckoelntraining-108-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64867330c618881aba8bdc9963936f5bf1d53f0532a2aee76433286d48329bfe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 840
content-length: 42035
cf-request-id: 080b3665a000004c3d20117000000001
last-modified: Mon, 01 Feb 2021 10:06:36 GMT
server: cloudflare
etag: "a433-5ba438267fa32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MA41q3LObn1NK8cUHoZ%2FNkCQWqUDgn9AteYk099w0CJA0yummg6JiQR1UDjUGWoTwhOA3yW2hBrERqcH7NtNhZLIt9Z2%2FFckgLlATFGoXn8%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b294c3d-AMS
cf-bgj: h2pri

GET
H2 200 kombo-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 55 KB
56 KB 89ms
83ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/kombo-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92d87863aa3dd24afd96b84f15071988babf01efbc1cb87cd205f884d7c6f89

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4641
content-length: 56483
cf-request-id: 080b3665a100004c3d1bb38000000001
last-modified: Tue, 02 Feb 2021 08:53:38 GMT
server: cloudflare
etag: "dca3-5ba569b47537b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KWl69eazcSZporCYTGhJCoS0djUEcs3MYCamfxkerCP02d8OnfHfCD7k8hYMQI8YGLMqHcfE7hygplS%2Bq0sA4QuTbK4H3K%2FFy9FtB4IbbHE%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b2a4c3d-AMS
cf-bgj: h2pri

GET
H2 200 20201212-BUC-fckoelnu21vswiedenbrueck-110-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/ 36 KB
36 KB 66ms
59ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/01/20201212-BUC-fckoelnu21vswiedenbrueck-110-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86b933ec2b1ef7c8740c9b3e2f3e8281de541822fa3aa69dc2946bb3496b1744

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3681
content-length: 36404
cf-request-id: 080b3665a100004c3def83c000000001
last-modified: Thu, 21 Jan 2021 15:12:18 GMT
server: cloudflare
etag: "8e34-5b96a7f6739b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YK2VAsctwM3tMqw7cXFQoJxxyHTsKY2RtAvujwRM00DKHARD424JPFCkII1H8FZlUC36vsXZNCEBfh9KZ9XQ6kaQsCOQz3zT6DsWVxHpPRQ%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b2b4c3d-AMS
cf-bgj: h2pri

GET
H2 200 modeste-spinner-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 45 KB
45 KB 67ms
61ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/modeste-spinner-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b09caeba9fd63d6fd8290b55eaf878222fe316ab270197ec3172edc653e1ae

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6277
content-length: 45641
cf-request-id: 080b3665a100004c3d3d120000000001
last-modified: Mon, 01 Feb 2021 22:35:39 GMT
server: cloudflare
etag: "b249-5ba4df9356014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uHMhWgzLqLU07uFx4U%2BtMJ9VnzsNWwVTLJfEENppBiI7nhlkMOD5kfTVBlypo3JZRemYtcOmE3QfJ%2BnvX%2FjH87w9o29%2FH855R6pv93hb1LA%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b2c4c3d-AMS
cf-bgj: h2pri

GET
H2 200 geisspod-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 40 KB
41 KB 68ms
62ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/geisspod-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af01fc2add9ab53a9b3cc0d739ee7ea0c8608b7c6bff8cc9ca44ad9b27e64d46

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4359
content-length: 41326
cf-request-id: 080b3665a100004c3d11256000000001
last-modified: Mon, 01 Feb 2021 22:08:44 GMT
server: cloudflare
etag: "a16e-5ba4d98e83991"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uiGgT7098VkuaGi2nvFkzwe4yWF4091WFmwGKMg2KZ0xYDSRfJitBIM1r674IYdmQvTCkg6yYA9LiOVbhskwahUiXz0PKxlun3IHUxAo%2BEc%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b2e4c3d-AMS
cf-bgj: h2pri

GET
H2 200 20200930-BOP-trainingfc-045-710x375.jpg
geissblog.koeln/wp-content/uploads/2020/11/ 38 KB
38 KB 74ms
68ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2020/11/20200930-BOP-trainingfc-045-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5c009465285f72f001f9cccb685bc3f34ae58ecf476105862c7a14c8456d351

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3819
content-length: 38888
cf-request-id: 080b3665a100004c3d121b0000000001
last-modified: Tue, 03 Nov 2020 11:23:58 GMT
server: cloudflare
etag: "97e8-5b332195cafc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZgzmFrLDlHv5odxVuSUrwgRs%2F5kHuxnsPReOl%2BbuZMcMVmSzzYkTROU8c2fT8xBAAOChUSuOw%2BOd%2F1x2d42wVrWv2K%2BzU3ZRXHUmLvTYn0M%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b2f4c3d-AMS
cf-bgj: h2pri

GET
H2 200 20210102-BUC-fckoelnvsaugsburg-102-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/ 45 KB
45 KB 70ms
64ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/01/20210102-BUC-fckoelnvsaugsburg-102-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482710ea28ed8431d3de1f673789cd84f1487667e3f5978066853588d66fb9e1

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2743
content-length: 46168
cf-request-id: 080b3665a200004c3df508d000000001
last-modified: Thu, 07 Jan 2021 12:17:32 GMT
server: cloudflare
etag: "b458-5b84e6c9edbdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MJh1n04cUvncQCVLAsbn1yhNhYBi%2BXMiWP8OQtFOemLRVQEQHV9k7JwShcwGc3f8l8JU3j9hjwt5IT9TnyvtGBjauUalRB7Nim5lEO6SRtw%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b314c3d-AMS
cf-bgj: h2pri

GET
H2 200 20210131-BUC-fckoelnvsbielefeld-115-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/01/ 28 KB
29 KB 66ms
60ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/01/20210131-BUC-fckoelnvsbielefeld-115-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4a89513e5c0af25507ec453e7fae8e747598971213d5a665e65eddd2a274df8

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5874
content-length: 28943
cf-request-id: 080b3665a200004c3df027a000000001
last-modified: Sun, 31 Jan 2021 17:34:42 GMT
server: cloudflare
etag: "710f-5ba35a7148344"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3PPGPxfZAudiaLkkm%2BoIs3JAEVYY4TybliFrDgzbHZtuECuMpN8tnnjnLM62gjpns7hChEb%2B6AGwvUraq%2F2nUd01bsITXU4WJJWev4wzCus%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b324c3d-AMS
cf-bgj: h2pri

GET
H2 200 esser-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 44 KB
44 KB 70ms
64ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/esser-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d439a24b28c387574f72c2387db2cc61a74bfb2f8c9c2199c543bb5cd82fc342

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5874
content-length: 44810
cf-request-id: 080b3665a200004c3d17b5e000000001
last-modified: Mon, 01 Feb 2021 14:38:26 GMT
server: cloudflare
etag: "af0a-5ba474e7fe9f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XDCH8iiHPLBlvbN95xCbaAohB7pa2KhBMJywgwzpFKPbaJc6sEaf%2Ft9Og3vIfSNMob3rU0jioQJX%2BBw7zAsO0gXqUjiWWXCHVDaMOgP8zmk%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b334c3d-AMS
cf-bgj: h2pri

GET
H2 200 20210131-BUC-fckoelnvsbielefeld-118-710x375.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 38 KB
38 KB 68ms
63ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/20210131-BUC-fckoelnvsbielefeld-118-710x375.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856bfa53483ac7c6f78908c5c0e0a0beb48d6486847976f480a2f99af8580877

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4948
content-length: 38664
cf-request-id: 080b3665a200004c3deab58000000001
last-modified: Mon, 01 Feb 2021 12:36:07 GMT
server: cloudflare
etag: "9708-5ba45991ddfb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SRSbmU0TMPE%2BQx18Ob%2BqCBcR1XcCPELlOv0eJcW%2BwIXGZdlnKdVQagS26FAx46XhMbw5XpG%2BrLuZrUObMqrxAJ8XA9qHYXJzusR8APfLn3A%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b344c3d-AMS
cf-bgj: h2pri

GET
H2 200 style.css
geissblog.koeln/wp-content/plugins/eu-cookie-law/css/ 3 KB
1 KB 23ms
23ms Stylesheet
text/css 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/eu-cookie-law/css/style.css?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b150d0e7595c7dc3d57192608e357c28a2b3c4947c575968ef94eef996a829f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2920
cf-polished: origSize=3699
cf-request-id: 080b36655500004c3d5282b000000001
last-modified: Fri, 15 Nov 2019 23:28:17 GMT
server: cloudflare
etag: W/"e73-5976af3dc5c86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GUSLRcwm4l%2FJhBJGN5BWKowMadoiZceChxf8KDsbn8L7tltfaGf08Pjprw%2FHXIzqg8kCxlSoRR%2BrvA2ZQCTaBHttobQYiKmACSKMxJghAjk%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 61bef34ee9cf4c3d-AMS
cf-bgj: minify

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 55ms
14ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202105
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: gzip
server: nginx
etag: W/"5841a56f-52b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
expires: Mon, 31 Jan 2022 14:26:13 GMT

GET
H2 200 core.min.js Show response
geissblog.koeln/wp-includes/js/jquery/ui/ 4 KB
2 KB 31ms
31ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 17:38:11 GMT
server: cloudflare
age: 2301
etag: W/"fa0-556ce3e3f8485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rydHkMRl7HF%2FOCOHoUSUBAnOLBRRtPmStsZ4paH%2BzMg8WhMoCuE4NX6A%2BrtBphW6OhOvfxoO6GLWOOfJzmKrXxyIPoASTGibNTyL1OsCQQg%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f4ab84c3d-AMS
cf-request-id: 080b36658a00004c3d3c859000000001

GET
H2 200 datepicker.min.js Show response
geissblog.koeln/wp-includes/js/jquery/ui/ 36 KB
11 KB 34ms
24ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 17:38:11 GMT
server: cloudflare
age: 2301
etag: W/"8e9c-556ce3e441866"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ayeQkMKRRVKKsvDRuiOv0gKivkD0%2FO6bq0azdi5txF9ZWRgZpuP6YbhF2olIf%2B5IYYrlmOE74LqR5%2B68%2BPHzfnco90j81Z2hJqyy%2F2%2FvHiE%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f5aec4c3d-AMS
cf-request-id: 080b36659400004c3d20115000000001

GET
H2 200 password-strength-meter.min.js Show response
geissblog.koeln/wp-admin/js/ 784 B
729 B 34ms
23ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-admin/js/password-strength-meter.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 110c2653a96926d70a4397465cd4ced2f3b01765805539284795209f7a954bd9

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 13:14:59 GMT
server: cloudflare
age: 2920
etag: W/"310-556ca90fc1869"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8OqIZoQmFdeCHEVZZO2ugObsJvMCwmTI8KFa%2BDr9GN1TgTZ3%2F648Vr6Dn6YRWvvUYgmI7%2BZZDWtgJi9FecQd%2FjjQEZXkH0PoelZkWdOgpa0%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f5aee4c3d-AMS
cf-request-id: 080b36659400004c3d29b8b000000001

GET
H2 200 frontend.js Show response
geissblog.koeln/wp-content/plugins/profilepress/assets/js/ 7 KB
2 KB 30ms
20ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/profilepress/assets/js/frontend.js?ver=2.9.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f0ce42a0cb6c2deb2f8eb08cca8a8611aac043dfcb4a2f261070285235beb7

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2501
cf-polished: origSize=14427
cf-request-id: 080b36659400004c3d00ab0000000001
last-modified: Fri, 15 Nov 2019 23:30:18 GMT
server: cloudflare
etag: W/"385b-5976afb1801d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZJW3CWY4c71Ku3QnF3sqt9HZALm5ptkn61WGtadbOMP7v2Zbz1CfVYe8hudYprpH6NyA3oJWYGJtrMfu4D9wK8UI%2BKYvSeyp%2FahLN0twnuQ%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34f5aef4c3d-AMS
cf-bgj: minify

GET
H2 200 avia.js Show response
geissblog.koeln/wp-content/themes/enfold/js/ 104 KB
29 KB 51ms
41ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/js/avia.js?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f18c9dd8b5eafb489db91ada24384af952e74304eff7a1e9ab5fe595be371ce

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2301
cf-polished: origSize=134602
cf-request-id: 080b36659500004c3d0887b000000001
last-modified: Tue, 15 Aug 2017 18:47:14 GMT
server: cloudflare
etag: W/"20dca-556cf35327418"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wCRz8%2B%2FLufrOR0IRGs6DQoHkGyJUSU2XhrrXvAXwocLQgd%2BDrMAynoX1UdEPc%2ByKFTkGTfdvqYmnx6S6XDhrONwTyY%2BqdPco34f2ugY5%2BPg%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34f5af04c3d-AMS
cf-bgj: minify

GET
H2 200 shortcodes.js Show response
geissblog.koeln/wp-content/themes/enfold/js/ 99 KB
23 KB 49ms
40ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/js/shortcodes.js?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43e9791e905a0885af60405def69585a7fbde323741c0285edd9785c21474c1f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2500
cf-polished: origSize=158782
cf-request-id: 080b36659500004c3de91c6000000001
last-modified: Tue, 15 Aug 2017 18:47:14 GMT
server: cloudflare
etag: W/"26c3e-556cf3535cf79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aq7m7lochGYVH%2Bij75Eh9La0fpvSbH4th88N%2BCdEBCG1cxvqobjoZhzom3uDIKvBc9wHEnc%2BIa2HSclerQxh3bBH1ui8dV52iwiEF%2F0m2M8%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34f5af14c3d-AMS
cf-bgj: minify

GET
H2 200 jquery.magnific-popup.min.js Show response
geissblog.koeln/wp-content/themes/enfold/js/aviapopup/ 20 KB
7 KB 32ms
22ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js?ver=4.1
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 18:47:47 GMT
server: cloudflare
age: 2920
etag: W/"51d3-556cf372c96ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KL%2BqzXTUDNxNXD%2BJwq5%2B%2FINt7Enni2rKeas%2B9phPegiD9j3bPwUUXo6ObGHVc4tVv3eXNcd8n77SJZMBy0Jq8%2F%2Bi%2FvNtOdzTIBXs5YAeS0Q%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f5af64c3d-AMS
cf-request-id: 080b36659500004c3d3f1b1000000001

GET
H2 200 wp-mediaelement.min.js Show response
geissblog.koeln/wp-includes/js/mediaelement/ 914 B
719 B 44ms
34ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 632af363989d420500a3fc1546178648f5aaa4f9aabb98666e62c3035fa423d1

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 May 2018 23:11:38 GMT
server: cloudflare
age: 2920
etag: W/"392-56cfbc606ac9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HRnmcU74QngoMIqqiCGj9BblRJsn23e6N0Nn%2FbFDZ%2FfrBxDwUfHTXuNoZvW5zbTuzTk39fTNJ80cw90T8B2z5yXYuQn%2FjmKNaHSH8nuJnV8%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f5af84c3d-AMS
cf-request-id: 080b36659700004c3df79fc000000001

GET
H2 200 comment-reply.min.js Show response
geissblog.koeln/wp-includes/js/ 1 KB
818 B 43ms
33ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/comment-reply.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 17:37:31 GMT
server: cloudflare
age: 2920
etag: W/"436-556ce3bdcb4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vGUV4uROOfeGX4tM9h6tmP1EcUUYiEoeWL56I5QyNnM13kXf9whG6E0XSHnwwqv7exnnXqhLjJdIQ1lm3t93HbgFe%2FJRZnzblTSWCi7Js4Y%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f5afa4c3d-AMS
cf-request-id: 080b36659600004c3de9911000000001

GET
H2 200 ajax.js Show response
geissblog.koeln/wp-content/plugins/zeno-report-comments/js/ 560 B
719 B 48ms
38ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/zeno-report-comments/js/ajax.js?ver=1.3.4
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f368010c7b010fa6ca384325e23c731b0a70503b3d1f03b35de85257cf1fe2

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4444
cf-polished: origSize=744
cf-request-id: 080b36659600004c3d3815c000000001
last-modified: Thu, 28 Jan 2021 18:31:40 GMT
server: cloudflare
etag: W/"2e8-5b9fa1941be77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p1YPaHq13Mh7AmZdLFp7sTgdd%2Flt9nJGqbiSbAo%2BOc35NUhuphjyV%2FDaGsQ8ZiL2EbQ0h3IukP6F6HVelfcnFC1gmcSru9EbZtT3a8fQfFI%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34f5afc4c3d-AMS
cf-bgj: minify

GET
H2 200 jscripts-ftr-min.js Show response
geissblog.koeln/wp-content/plugins/wp-spamshield/js/ 1 KB
985 B 48ms
39ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/wp-spamshield/js/jscripts-ftr-min.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22518ff32f769e282e7b884f80b238038242e11fcd7c9ddf11a53285f6f4993a

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7936980
cf-request-id: 080b36659600004c3d1bb37000000001
last-modified: Fri, 15 Nov 2019 23:33:47 GMT
server: cloudflare
etag: W/"4c0-5976b0792e0d0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aObvwzYnKmNgwdXLdzFIu5IgjmFEHg8gUC7%2Bb0SaIEMO2v%2F3whNb%2Fz9QLXwPJmNlZj3NlSI%2BQBaYc2nJ%2BNG7%2Bx%2F3g09NbljR7yt%2FsecIfsM%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=15552000, must-revalidate
cf-ray: 61bef34f5afd4c3d-AMS
expires: Wed, 03 Nov 2021 23:54:32 GMT

GET
H2 200 wp-embed.min.js Show response
geissblog.koeln/wp-includes/js/ 1 KB
978 B 49ms
40ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/wp-embed.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 03:55:39 GMT
server: cloudflare
age: 2920
etag: W/"57b-57cdf49b3716a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BTn%2BjZUBQLvDlfQlIkVBWwkDhWtKH9k0A0qvF9m2nlC7ukPoLxbA4%2F7CJpS8N%2B%2FdgnnybsyHkM7UskUjld6SuiAuWKPGeuHeyMc3317U8KY%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef34f5aff4c3d-AMS
cf-request-id: 080b36659a00004c3d4689a000000001

GET
H2 200 scripts.js Show response
geissblog.koeln/wp-content/plugins/eu-cookie-law/js/ 2 KB
1 KB 30ms
21ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e58815f5cb83e2bc136e9264be7c12c8fc19369d488584cf52ce658c51020bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2920
cf-polished: origSize=3049
cf-request-id: 080b36659700004c3df2aae000000001
last-modified: Fri, 15 Nov 2019 23:28:18 GMT
server: cloudflare
etag: W/"be9-5976af3f7106f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lJsvVUKiPqFXTAZVD73IONkYdpGY4CaLzYB0HKsYvjjP8r83SZpRatUR%2BXyq874MVRxNJDr51QUQ9GnjWEFtM56jFpu51NB1r7Q%2FYZe1s5A%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 61bef34f5b004c3d-AMS
cf-bgj: minify

GET
H2 200 1.16.9.js Show response
steadycdn.com/prod/js/ 357 KB
131 KB 104ms
33ms Script
application/javascript 92.51.173.91
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://steadycdn.com/prod/js/1.16.9.js

Requested by

Host: steadyhq.com
URL: https://steadyhq.com/widget_loader/a370d996-53cd-4f31-966f-8bce5607b9d2?ver=1.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.51.173.91 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

steadycdn.com

Software

nginx /

Resource Hash

aecf16f6bec9a845516902a99ce2a2c4d7b0420d52a64a715b63134903b7546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 13:25:05 GMT
server: nginx
etag: W/"600ec6b1-5959c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=365000000, immutable
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

OPTIONS
H2 200 native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 70ms
26ms Other
text/html 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A270%2C%22requestUUID%22%3A%227d926de3-c361-4b43-a62c-77f3e936e6c4%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgeissblog.koeln%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Wed, 03 Feb 2021 20:37:32 GMT
x-powered-by: Express
access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
allow: POST,GET,HEAD
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UHnc1yQI7lqLPKFya_HOti49nw45g2GY82s-yTSE8nq507xkoHvqeA==

GET
H2 200 native-message Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 154 KB
9 KB 42ms
42ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A270%2C%22requestUUID%22%3A%227d926de3-c361-4b43-a62c-77f3e936e6c4%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgeissblog.koeln%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: / Express
Resource Hash: 5dd6512118172096e0b6fbd9e8073deabf6269b028c0ba5f1c1217b307b0ef02

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://geissblog.koeln
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: gY5l5HC-k0yxjLx1KTinkz4ppyA0AfKgDzDxKVUMCkbYRUWvI8fipw==
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
concheck.adsafety.net/ 58 B
403 B 141ms
93ms XHR
application/json 145.239.0.62
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://concheck.adsafety.net/?_f=json&c=rf&req=bl&u=https%3A%2F%2Fgeissblog.koeln%2F
Requested by: Host: cdn.recognified.net
URL: https://cdn.recognified.net/rd.loader.php?pub_id=246
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.0.62 , Germany, ASN16276 (OVH, FR),
Reverse DNS: concheck11.ct.smartaudience.biz
Software: nginx /
Resource Hash: 90cc47b7ee1983c168809d3b3f01938e69ef76ec8e1eada02a78206ee86c22c8

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
649 B 153ms
93ms XHR
text/xml 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=760509&t=2

Requested by

Host: cdn.recognified.net
URL: https://cdn.recognified.net/rd.loader.php?pub_id=246

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://geissblog.koeln
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK md.tracking.php
rads.recognified.net/ 43 B
432 B 92ms
39ms Image
image/gif 172.104.157.168
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rads.recognified.net/md.tracking.php?t=lead&lead_event=92&lead_type=web_interaction&type=normal&campaign_id=10779&lead_title=pageimp&ad_id=31336&pub_id=246
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.157.168 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1673-168.members.linode.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:32 GMT
Last-Modified: Wed, 03 Feb 2021 20:37:32 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
cm.adsafety.net/
Redirect Chain

https://rads.recognified.net/cm/
https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b

43 B
229 B

67ms
21ms

Image
image/gif

80.82.217.101
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.82.217.101 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Wed, 03 Feb 2021 20:37:32 GMT
Server: nginx
Access-Control-Allow-Origin: rads.recognified.net
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://cm.adsafety.net/?_cmsrc=rf&midt=100&mdid=88cbb612f040ed6c6f34c33a2f56519b
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 at-media_cs.js Show response
images.intellitxt.com/ast/js/PID_20625/ 1 KB
858 B 101ms
22ms Script
application/x-javascript 143.204.93.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.intellitxt.com/ast/js/PID_20625/at-media_cs.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e90a4769a82aada9462eb562e3f1baedf42929d613329920a93b7df71c49ac4e

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 23:09:49 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 09:05:22 GMT
server: AmazonS3
age: 2064464
etag: W/"5863f1ccc94c74c5ba70526bab8189e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7bkMNsp6IflDNpAkqP0ER0Kzw1bL2-G-YuaLW5tUx3LCpHlSoLrUYQ==

GET
H2 200 piwik.js Show response
dergeissbock.de/ 64 KB
64 KB 69ms
14ms Script
application/javascript 2a00:1158:1000:300::1ac
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://dergeissbock.de/piwik.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:300::1ac , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9e282a1a6fc13d3f400d49260d5bac86836ed14ed25a9a7734cdc7c0a6a8c1d4

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
last-modified: Thu, 30 Aug 2018 22:59:04 GMT
server: Apache
accept-ranges: bytes
etag: "ff7b-574af05884f9b"
content-length: 65403
content-type: application/javascript

GET
H2 200 entypo-fontello.woff
geissblog.koeln/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/ 30 KB
30 KB 72ms
71ms Font
application/x-font-woff 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee

Request headers

Origin: https://geissblog.koeln
Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1817
content-length: 30804
cf-request-id: 080b3665a500004c3de7060000000001
last-modified: Tue, 15 Aug 2017 18:48:34 GMT
server: cloudflare
etag: "7854-556cf39f97343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eL4Omj3P2ErTjB1r3Y9qcEpLWPgHoVB5tEENvfY7kPJVeMhxkc4QeTDRV04QTVBMmbUPl%2FSVSph5cOtHzoCbSGzVYGM2xYT2QF9H%2FeKC0I4%3D"}],"group":"cf-nel"}
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef34f6b384c3d-AMS

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v12/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,600,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://geissblog.koeln
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,600,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 06:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:11 GMT
server: sffe
age: 52403
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Thu, 03 Feb 2022 06:04:09 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v12/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://geissblog.koeln
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:28 GMT
server: sffe
age: 184567
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13280
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:25 GMT

GET
H3-Q050 200 EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v12/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://geissblog.koeln
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 05:56:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:26 GMT
server: sffe
age: 52878
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13372
x-xss-protection: 0
expires: Thu, 03 Feb 2022 05:56:14 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
34 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: geissblog.koeln
URL: https://geissblog.koeln/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4531fa9e33bdebbab12ece3bec25d0e0f0b79d2f72359cca9ccdd34afbff37b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33624
x-xss-protection: 0
server: cafe
etag: 16250397154202993732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Feb 2021 20:37:32 GMT

GET
H2 200 index.html
cdn.privacy-mgmt.com/ Frame 1E03 0
0 102ms
102ms Document
text/html 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?message_id=374341&consentUUID=cbd61669-2f63-41c9-8a97-565696f568d4&requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&preload_message=true
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn.privacy-mgmt.com
:scheme: https
:path: /index.html?message_id=374341&consentUUID=cbd61669-2f63-41c9-8a97-565696f568d4&requestUUID=7d926de3-c361-4b43-a62c-77f3e936e6c4&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geissblog.koeln/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geissblog.koeln/

Response headers

content-type: text/html
last-modified: Tue, 02 Feb 2021 23:35:19 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 03 Feb 2021 20:35:26 GMT
etag: W/"fea093f29bac3f6b2f469bf4a1b2cd0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 641ivfnJtmi0nZEyLapw_4W-zk44CCEs8q-qTmp8uh4MrTEzSGCO0Q==
age: 127

GET
H2 200 gb_overlay_logo_red.png
geissblog.koeln/wp-content/themes/enfold-child/assets/img/ 4 KB
4 KB 28ms
28ms Image
image/png 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/img/gb_overlay_logo_red.png
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9faba832c85307453797f3e9d3337c9bf9817fce955383f607ae1187216ba328

Request headers

Referer: https://geissblog.koeln/wp-content/themes/enfold-child/assets/css/style.min.css?update2&ver=3d5dc5665cea50f737a4f8559abdb5dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5874
content-length: 3682
cf-request-id: 080b3666a400004c3d08898000000001
last-modified: Wed, 07 Oct 2020 12:58:57 GMT
server: cloudflare
etag: "e62-5b114475755d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vsNX41PaxZ4C7HIqzer%2FL1zKJSNxg%2FHB%2BQbWllLj6C7s0r0F2lE%2B5VcCPPi6PD0KejKer8utHcYpVqph5cLLl1LeFy2TL7hbkFHiAf%2Fo5C4%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef35108114c3d-AMS

GET
H2 200 live_pokal.jpg
geissblog.koeln/wp-content/uploads/2021/02/ 107 KB
108 KB 23ms
21ms Image
image/jpeg 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2021/02/live_pokal.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 415f323e0481fc1a1a50536ec9975dae2f874ce3feac615b1421286b6ba82461

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6963
content-length: 110044
cf-request-id: 080b3666bf00004c3d121d4000000001
last-modified: Wed, 03 Feb 2021 10:31:05 GMT
server: cloudflare
etag: "1addc-5ba6c159b6e66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zdjKuTJgctMETSMxbaNSbPYqwhuTseQsS4n92AQy39lQ5PtBcXHJ%2FEaN%2BRt7jRgx8bBh2QlyLPU0zZB5OJBvxZIXesphRCinN6Wl58uc7ss%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61bef35138964c3d-AMS
cf-bgj: h2pri

GET
H2 200 5rc5ZZ-quark-hmsfhl.jpg
geissblog.koeln/wp-content/uploads/2017/06/ 68 B
506 B 129ms
128ms Image
image/png 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2017/06/5rc5ZZ-quark-hmsfhl.jpg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / AdDefend GmbH
Resource Hash: adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: AdDefend GmbH
content-length: 68
cf-request-id: 080b3666bf00004c3d1304e000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H1rPxKYZYGKKL8jSNtqAYy%2Fsaz1pVziM%2BKhMRCkASJzrh52IqA0f98phjnY8Ug7vytMNfIET%2Fky3WC9ykfPNlC2HwdYmFxO%2Fl4X6XvJx%2BMQ%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges: bytes
cf-ray: 61bef35138994c3d-AMS
expires: 0

OPTIONS
H2 204 event
events.apester.com/ Frame 0
0 148ms
116ms Other 35.190.63.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://events.apester.com/event
Protocol: H2
Server: 35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: OPTIONS,OPTIONS
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 86400
date: Wed, 03 Feb 2021 20:37:33 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 adsbygoogle.js Show response
static.apester.com/js/lib/ 34 B
153 B 18ms
17ms Script
application/javascript 35.190.72.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.apester.com/js/lib/adsbygoogle.js
Requested by: Host: static.apester.com
URL: https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.53 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.72.190.35.bc.googleusercontent.com
Software: nginx/1.19.6 /
Resource Hash: c7cab0e16ac6bd8de5197689fb2d28a55319b060d504aa76083aac7b031752cf

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:24:19 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 11:14:24 GMT
server: nginx/1.19.6
age: 794
etag: W/"5ffd8490-22"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: public,s-maxage=942,max-age=942
content-encoding: gzip
alt-svc: clear
content-length: 54

POST
H2 202 event Show response
events.apester.com/ 0
218 B 147ms
116ms XHR
text/plain 35.190.63.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://events.apester.com/event

Requested by

Host: static.apester.com
URL: https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
date: Wed, 03 Feb 2021 20:37:33 GMT
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 logo-white.svg
static.apester.com/js/assets/ 3 KB
3 KB 15ms
14ms Image
image/svg+xml 35.190.72.53
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.apester.com/js/assets/logo-white.svg
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.53 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.72.190.35.bc.googleusercontent.com
Software: nginx/1.19.6 /
Resource Hash: c4a0fb4da7f6db6ea3be9b26968272fd292b94084b4f85652c21a91e106613ff

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 22:59:43 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 11:14:24 GMT
server: nginx/1.19.6
age: 855470
etag: "5ffd8490-d0f"
content-type: image/svg+xml
content-range: bytes 0-1000/3343
cache-control: max-age=315360000,public
alt-svc: clear
content-length: 3343
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 piwik.php
dergeissbock.de/ 43 B
133 B 266ms
265ms Image
image/gif 2a00:1158:1000:300::1ac
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dergeissbock.de/piwik.php?action_name=GEISSBLOG.KOELN%20%E2%80%93%20Die%20Online-Zeitung%20%C3%BCber%20den%201.%20FC%20K%C3%B6ln&idsite=2&rec=1&r=915598&h=21&m=37&s=33&url=https%3A%2F%2Fgeissblog.koeln%2F&_id=31b44bcba0198bbf&_idts=1612384653&_idvc=1&_idn=0&_refts=0&_viewts=1612384653&send_image=1&cookie=1&res=1600x1200&gt_ms=254&pv_id=167yHM
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:300::1ac , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache / PHP/7.1.32
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
cache-control: no-store
server: Apache
x-powered-by: PHP/7.1.32
content-type: image/gif

GET
H/1.1 200
OK front.asp Show response
k.intellitxt.com/intellitxt/ 4 KB
2 KB 433ms
106ms Script
application/javascript 54.172.220.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F
Requested by: Host: images.intellitxt.com
URL: https://images.intellitxt.com/ast/js/PID_20625/at-media_cs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-220-77.compute-1.amazonaws.com
Software: nginx / Kormorant
Resource Hash: b9053c0d51e58c3e654f5f9da0ca1dbe610b1cf822b8ec20ae73a495bbc88c83

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:19:34 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Kormorant
Vary: Accept-Encoding, *
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 Jan 2016 00:00:00 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/ndHHT5ULcmckhx7tG13-5VFUToY/gpt_and_prebid/ 46 KB
12 KB 72ms
21ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/ndHHT5ULcmckhx7tG13-5VFUToY/gpt_and_prebid/config.js
Requested by: Host: geissblog-koeln.h5v.eu
URL: https://geissblog-koeln.h5v.eu/36/moli_1b3bbe6a932b0ee85d2f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa652365b96aee761c5987605599c7010286353f9c713706d10fc12a60d449e1

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:33 GMT
Content-Encoding: gzip
Age: 290
X-Cache: HIT
Connection: keep-alive
Content-Length: 11182
x-amz-id-2: Q/wJIbDgtSiXyqNY57q+VGKi57fmYK4CRw0tYvxVJhy7nSrT79D0gZ+8JCw5bAcLwQWm3EGS5Ic=
X-Served-By: cache-hhn4071-HHN
Last-Modified: Wed, 03 Feb 2021 20:31:32 GMT
Server: AmazonS3
X-Timer: S1612384653.090058,VS0,VE0
ETag: "294d7ccf8c3b87034458ca96a58158ac"
x-amz-request-id: F069A5E4FBD14D5C
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 4

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
568 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:400,400i,700,700i&display=swap&subset=latin-ext

Requested by

Host: steadycdn.com
URL: https://steadycdn.com/prod/js/1.16.9.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0d3cc7a2e6e9cde2ae9c89b0fd7448b6f5521aa4429c18aac727b578dc588f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 20:28:28 GMT
server: ESF
date: Wed, 03 Feb 2021 20:37:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 20:37:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: steadycdn.com
URL: https://steadycdn.com/prod/js/1.16.9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5010
date: Wed, 03 Feb 2021 19:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 03 Feb 2021 21:14:03 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/ 225 KB
85 KB 72ms
56ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86331
x-xss-protection: 0
server: cafe
etag: 657319051054643926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Feb 2021 20:37:33 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/ Frame F960 0
0 24ms
5ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210202/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geissblog.koeln/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geissblog.koeln/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 02 Feb 2021 22:31:03 GMT
expires: Tue, 16 Feb 2021 22:31:03 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 79590
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame A54C 118 KB
35 KB 79ms
23ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1612384653.cds001.lo4.hn,1612384653.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame EB22 118 KB
35 KB 93ms
41ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1612384653.cds001.lo4.hn,1612384653.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
68 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=2005302570&t=pageview&_s=1&dl=https%3A%2F%2Fsteadyhq.com%2Fgeissblog%2Fwidget.js&ul=en-us&de=UTF-8&dt=GEISSBLOG.KOELN%20%E2%80%93%20Die%20Online-Zeitung%20%C3%BCber%20den%201.%20FC%20K%C3%B6ln&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2044888544&gjid=1337067139&cid=377372049.1612384653&tid=UA-82069822-7&_gid=1952379983.1612384653&_r=1&_slc=1&z=476661484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://geissblog.koeln
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5rc5ZZ-abgabe-justiz-hqoblx.png
geissblog.koeln/wp-content/uploads/2013/01/promotools/ 68 B
338 B 121ms
121ms Image
image/png 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geissblog.koeln/wp-content/uploads/2013/01/promotools/5rc5ZZ-abgabe-justiz-hqoblx.png
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / AdDefend GmbH
Resource Hash: adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: AdDefend GmbH
content-length: 68
cf-request-id: 080b36675700004c3d538c6000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yKlXFzixWgFNrgo2hEZQWaXWryn%2B2hVzKxAmDGJAWEjBYbrullGknb5QjnjFTKaIY5CU6DOmon7Tt9BpCAAStM9MNENNEJv54ZecPkx79tQ%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges: bytes
cf-ray: 61bef3522b674c3d-AMS
expires: 0

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202102021841/ 191 KB
58 KB 24ms
23ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/ndHHT5ULcmckhx7tG13-5VFUToY/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c32e7709e9594c76e5b8c8d689b696f88237d60df0b1f6dd0b28d361469332c

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:33 GMT
Content-Encoding: gzip
Age: 220
X-Cache: HIT
Connection: keep-alive
Content-Length: 58468
x-amz-id-2: PfiTKffMmNMQ0kbVhxuCd9axNizmTbxJzqu8a+h8/5ngrl2h7/hkLzF2hIwELL8CLPC0Nkg3Uos=
X-Served-By: cache-hhn4071-HHN
Last-Modified: Tue, 02 Feb 2021 23:44:30 GMT
Server: AmazonS3
X-Timer: S1612384653.156136,VS0,VE0
ETag: "c7c578310510fc2a6129ca2158dfa3fb"
x-amz-request-id: EAE2E5AA8CD0E681
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 366

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-82069822-7&cid=377372049.1612384653&jid=2044888544&gjid=1337067139&_gid=1952379983.1612384653&_u=YEBAAEAAAAAAAC~&z=960045598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Feb 2021 20:37:33 GMT
content-type: text/plain
access-control-allow-origin: https://geissblog.koeln
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-82069822-7&cid=377372049.1612384653&jid=2044888544&_u=YEBAAEAAAAAAAC~&z=2059521304

Requested by

Host: geissblog.koeln
URL: https://geissblog.koeln/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-82069822-7&cid=377372049.1612384653&jid=2044888544&_u=YEBAAEAAAAAAAC~&z=2059521304

Requested by

Host: geissblog.koeln
URL: https://geissblog.koeln/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 03B8 0
0 24ms
23ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
cache-control: max-age=78399
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384653.cds001.lo4.hn,1612384653.cds074.lo4.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame A54C 2 KB
2 KB 311ms
101ms XHR
application/xml 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=6834637&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a7d3ac517457ab317841cbd51108aa3623c4e0839d2b53af410b4bd65f73ce7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1361

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame A41C 0
0 24ms
23ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
cache-control: max-age=78399
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384653.cds001.lo4.hn,1612384653.cds074.lo4.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame EB22 180 B
355 B 295ms
100ms XHR
application/xml 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077160&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=2151707&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H/1.1 200
OK / Show response
k.intellitxt.com/go/1/ 4 KB
3 KB 113ms
113ms Script
text/javascript 54.172.220.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://k.intellitxt.com/go/1/?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F&consentstr=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA&consenttype=euconsent&script=c
Requested by: Host: k.intellitxt.com
URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-220-77.compute-1.amazonaws.com
Software: nginx / Kormorant
Resource Hash: 85be19406882557ca0b6f053ea6c9f29481f0d6323300399e54af9451bbea6f8

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:19:34 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Kormorant
Vary: Accept-Encoding, *
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 Jan 2016 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 375ms
168ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST t
t.lkqd.net/ Frame 7ED1 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 295ms
97ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame 9B8B 0
164 B 298ms
98ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame A86F 230 KB
61 KB 23ms
23ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
etag: "37ec3f32952873470d227dd7944c04e7"
x-hw: 1612384653.cds001.lo4.hn,1612384653.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62007

GET
H2 200 kormorant-1.31.23.min.js Show response
images.intellitxt.com/k/ 219 KB
55 KB 32ms
32ms Script
application/javascript 143.204.93.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.intellitxt.com/k/kormorant-1.31.23.min.js
Requested by: Host: k.intellitxt.com
URL: https://k.intellitxt.com/go/1/?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F&consentstr=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA&consenttype=euconsent&script=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 986161275fe50b92e5cff2ba4451df6e261be46d1705530ee7bbf3013c50d01d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 10:27:26 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 16:53:44 GMT
server: AmazonS3
age: 727808
etag: W/"a9445e85736eefa5c802f726708fd630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YS2RfExCJD8FgvX1RxYX8oZGwb2E1oilO2oUqERYFNg08YAZX9jOQA==

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame F08D 0
0 24ms
23ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
cache-control: max-age=78399
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384653.cds001.lo4.hn,1612384653.cds074.lo4.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 300ms
98ms Other 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=6834637&m=&rtv=1&thost=geissblog.koeln
Protocol: H2
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:33 GMT
content-length: 0
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame A86F 81 KB
6 KB 227ms
227ms XHR
application/json 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=6834637&m=&rtv=1&thost=geissblog.koeln
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3971c15cce21ebc7e7e5503362ab05848463642d6d2b06931b5345ef060e9df6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Feb 2021 20:37:34 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6064

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 87ms
42ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by: Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.31.23.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ec33c9d4c50502468cf87211d2d0c424b0e2ca05b6b58713721cdd14d4c241

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:37 GMT
server: nginx
etag: W/"5ff6ed95-16542"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 04 Feb 2021 20:37:33 GMT

GET
H2 200 kormorant-1.31.23.min.css
images.intellitxt.com/k/ 27 KB
7 KB 23ms
22ms Stylesheet
text/css 143.204.93.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.intellitxt.com/k/kormorant-1.31.23.min.css
Requested by: Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.31.23.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ce059b70275fa2dc3bae871e79ab94fd41a6df2f892f35fdc2e767d6cb28411

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 10:27:27 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 16:53:43 GMT
server: AmazonS3
age: 727807
etag: W/"0d3f89406825951fcb58d2a8705a9d88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 84loxQ_0UAlqv2E8hw9UFi2aOUk6ktD2P5ea5P3impBTsco6rWWo5Q==

GET
H/1.1

204
No Content

5163634086831496560
k.intellitxt.com/csync/0/appnexus/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fk.intellitxt.com%2Fcsync%2F0%2Fappnexus%2F%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fk.intellitxt.com%252Fcsync%252F0%252Fappnexus%252F%2524UID
https://k.intellitxt.com/csync/0/appnexus/5163634086831496560

0
324 B

119ms
106ms

Image
text/plain

54.172.220.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.intellitxt.com/csync/0/appnexus/5163634086831496560
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-220-77.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:19:34 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: Express
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"

Redirect headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:33 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid: b05c7f5d-ef96-4ddf-acce-20773d6f1838
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://k.intellitxt.com/csync/0/appnexus/5163634086831496560
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatchredir
ssum-sec.casalemedia.com/ 43 B
315 B 118ms
61ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184543&cb=:redirect
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Feb 2021 20:37:33 GMT

GET
H/1.1 204
No Content aHR0cHM6Ly9nZWlzc2Jsb2cua29lbG4v
k.intellitxt.com/log/0/ptr/9e239c689b776e30b929da120ea5be3186ecb323/93421/674afef7-da88-4d33-8d49-052a7d0189bc/ 0
249 B 111ms
110ms Image
text/plain 54.172.220.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.intellitxt.com/log/0/ptr/9e239c689b776e30b929da120ea5be3186ecb323/93421/674afef7-da88-4d33-8d49-052a7d0189bc/aHR0cHM6Ly9nZWlzc2Jsb2cua29lbG4v
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.220.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-220-77.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:19:34 GMT
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Server: nginx
X-Powered-By: Express
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 67ms
24ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ec33c9d4c50502468cf87211d2d0c424b0e2ca05b6b58713721cdd14d4c241

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:33 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:37 GMT
server: nginx
etag: W/"5ff6ed95-16542"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 04 Feb 2021 20:37:33 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame C2BD 0
165 B 245ms
98ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H2 200 zxcvbn.min.js Show response
geissblog.koeln/wp-includes/js/ 803 KB
380 KB 52ms
52ms Script
application/javascript 104.26.4.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geissblog.koeln/wp-includes/js/zxcvbn.min.js
Requested by: Host: geissblog.koeln
URL: https://geissblog.koeln/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 17:37:39 GMT
server: cloudflare
age: 281
etag: W/"c8bba-556ce3c5bcff1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1aPHKSc0b9wYwjqfKjerMDn2juApoJxaVygIuZ9WBPBOl%2BExZtH%2B5MPBXnhchk9GhrRNZybgPDM2jL36D8fZMgcYAdpDVWYoAnrkfQcel2w%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61bef3576b3d4c3d-AMS
cf-request-id: 080b366aa500004c3df2b52000000001

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0cb5da73f240a6361735e79e009020a660b3e0df432f0c196b78866c74ee085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47978
x-xss-protection: 0
server: cafe
etag: 3032850206597669450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Feb 2021 20:37:34 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame EBD0 0
0 42ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=geissblog.koeln&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=geissblog.koeln&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geissblog.koeln/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://geissblog.koeln/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 483
date: Wed, 03 Feb 2021 20:37:33 GMT
content-length: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
578 B 92ms
43ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121527144667%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:34 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384654250013-116
Expires: Wed, 03 Feb 2021 20:37:34 GMT

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
580 B 192ms
144ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C18819251177336104875575596121%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:34 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384654220095-128
Expires: Wed, 03 Feb 2021 20:37:34 GMT

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
331 B 752ms
119ms XHR
application/xml 54.204.53.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fgeissblog.koeln%2F&maxduration=119&skip=0&site.domain=geissblog.koeln&device.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20OS%20X&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 54.204.53.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-53-197.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:33 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=289940278&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.hei...
https://pr-bh.ybp.yahoo.com/sync/adtech/VAa50acfac-665f-11eb-98b2-0687339652a0?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff

227 B
1 KB

71ms
24ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:34 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Wed, 03 Feb 2021 20:37:34 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zheUJqF1lxknR7a8eTEPG9LW3zQs2IjULMOy&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=449471018&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.v...
https://pr-bh.ybp.yahoo.com/sync/adtech/VAa4fcd6a4-665f-11eb-a119-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff

227 B
1 KB

72ms
24ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:34 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Wed, 03 Feb 2021 20:37:34 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tIHYbi11lxmLOHi7EHjZ3_bmbjC.t0Wp0KMU&_origin=0&nsync=1&apid=VAa4fcd6a4-665f-11eb-a119-068489b665ff
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 988 B
1 KB 81ms
28ms XHR
application/xml 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C17901875897336104875575596121%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ce2a59bd85aec76740de2bf1512de1aa6b2a08ad81365a9be849d2061da6f07d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:34 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 606
Expires: Wed, 03 Feb 2021 20:37:34 GMT

GET
H2

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,

48 B
333 B

28ms
28ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:34 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 03 Feb 2021 20:37:34 GMT
via: 1.1 google
server: OXGW/16.202.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=182012903&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C7336104875575596121717908826,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,

48 B
248 B

28ms
28ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:34 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 03 Feb 2021 20:37:34 GMT
via: 1.1 google
server: OXGW/16.202.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2121707716&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C16200002347336104875575596121,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame C2BD 0
164 B 109ms
109ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:35 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_9533396a.js Show response
vpaid.springserve.com/production/ Frame 2480 475 KB
98 KB 28ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3d155e9c53e2d5a8dd9a6ebfe967779bdd166b7aac2b39e38854e604b481f1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:34 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 16:21:51 GMT
server: AmazonS3
x-amz-request-id: E1DCFD21ED3E7E9A
etag: "1225f68bb263c18c2006a35fdc8a452c"
x-hw: 1612384654.dop160.fr8.t,1612384654.cds254.fr8.hn,1612384654.cds209.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2182532
accept-ranges: bytes
content-length: 99770
x-amz-id-2: MrftzhWajDbvm3IN7/Ae/RDJD0MMMu7KR/kEmkM+pZwNEsSf7AamZLisr8MhAIpRQ5C5y1TU3EU=

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2480 19 B
868 B 30ms
30ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:35 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid: a8ad7c8f-a574-4e02-bb34-ceadb8e989a0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 2480 0
216 B 32ms
32ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 t Show response
t.lkqd.net/ Frame C2BD 0
164 B 100ms
100ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:35 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:35 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 2480 959 B
1 KB 27ms
27ms XHR
application/xml 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d0c3c38ca2b702aaf088a403f6d73d6f3b4f561e6aed6243a567deb0e20ee960

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:35 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 587
Expires: Wed, 03 Feb 2021 20:37:35 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 3A5B 150 KB
35 KB 35ms
35ms Script
text/javascript 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 52D6 0
0 82ms
30ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=168762
Expires: Fri, 05 Feb 2021 19:30:17 GMT
Date: Wed, 03 Feb 2021 20:37:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3A5B 37 KB
14 KB 81ms
28ms Script
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=168762
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Fri, 05 Feb 2021 19:30:17 GMT

GET
H/1.1 200
OK AdServerServlet
vid.pubmatic.com/AdServer/ Frame 3A5B 27 B
0 1418ms
83ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384655168&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:35&ranreq=0.11370945510546848&timezone=1&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 2480 959 B
1 KB 36ms
34ms XHR
application/xml 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: df98b96585a92a9b317abaea1250b40357f27c1aa51bd1f114f4652b340d11b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 587
Expires: Wed, 03 Feb 2021 20:37:37 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 2480 0
124 B 69ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384655&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:37 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 8567 150 KB
35 KB 48ms
47ms Script
text/javascript 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame D20E 0
0 31ms
30ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=168760
Expires: Fri, 05 Feb 2021 19:30:17 GMT
Date: Wed, 03 Feb 2021 20:37:37 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8567 37 KB
14 KB 31ms
31ms Script
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=168760
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Fri, 05 Feb 2021 19:30:17 GMT

GET
H/1.1 200
OK AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8567 27 B
0 24ms
23ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384657197&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:37&ranreq=0.9073923620928164&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 2480 67 B
719 B 66ms
63ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fgeissblog.koeln%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1612384653991&width=400&height=225&dnt=&ip=&ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:37 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384657739022-97
Expires: Wed, 03 Feb 2021 20:37:37 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 2480 0
124 B 24ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384657&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:37 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 2480 67 B
720 B 56ms
56ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fgeissblog.koeln%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1612384653991&width=400&height=225&dnt=&ip=&ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:37 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384657802013-101
Expires: Wed, 03 Feb 2021 20:37:37 GMT

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 2480 0
117 B 350ms
115ms XHR
text/plain 3.139.146.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=3645178b&ps_id=487310&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.146.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 2480 0
124 B 22ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384655&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:38 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
97ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame C2BD 0
164 B 98ms
98ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:38 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame A54C 2 KB
2 KB 105ms
105ms XHR
application/xml 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=89634766&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e38cf91578f50198e03ee4b86f388824080ea719f69c585a6bc81b30b147fd98

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:38 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1364

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame F0C4 230 KB
61 KB 22ms
21ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:38 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
etag: "37ec3f32952873470d227dd7944c04e7"
x-hw: 1612384658.cds001.lo4.hn,1612384658.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62007

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 0A1F 0
0 23ms
23ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:38 GMT
cache-control: max-age=78394
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384658.cds001.lo4.hn,1612384658.cds074.lo4.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame F0C4 62 KB
5 KB 119ms
119ms XHR
application/json 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=89634766&m=&rtv=1&thost=geissblog.koeln
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 240283237b08bd2f685051f02d08cd723fad52af6527196d8a60df2f6d6b46af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Feb 2021 20:37:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4536

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 105ms
105ms Other 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=89634766&m=&rtv=1&thost=geissblog.koeln
Protocol: H2
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:38 GMT
content-length: 0
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 t Show response
t.lkqd.net/ Frame 4282 0
164 B 98ms
97ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
720 B 42ms
41ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C73491912649263370071959755057%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:39 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384659067051-101
Expires: Wed, 03 Feb 2021 20:37:39 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
719 B 66ms
66ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C14326843397349191264926337007%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:39 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384659048099-84
Expires: Wed, 03 Feb 2021 20:37:39 GMT

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
331 B 127ms
127ms XHR
application/xml 54.204.53.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fgeissblog.koeln%2F&maxduration=119&skip=0&site.domain=geissblog.koeln&device.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20OS%20X&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 54.204.53.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-53-197.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:38 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.heig...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=2...

249 B
985 B

120ms
41ms

XHR
text/xml

3.123.200.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=907eff9e-b045-4880-a63a-0202abb8e083&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1ODQ0OS4zMjUxOTU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD05MDdlZmY5ZS1iMDQ1LTQ4ODAtYTYzYS0wMjAyYWJiOGUwODM=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:39 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://geissblog.koeln
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=86242634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=907eff9e-b045-4880-a63a-0202abb8e083&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1ODQ0OS4zMjUxOTU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD05MDdlZmY5ZS1iMDQ1LTQ4ODAtYTYzYS0wMjAyYWJiOGUwODM=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
251 B 75ms
74ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=642546010&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C14038039577349191264926337007,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:39 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi....
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.view...

249 B
985 B

116ms
37ms

XHR
text/xml

3.123.200.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=a16d63d2-35a2-4d9b-88d1-4b6824100a9a&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1OTEyMS4wMTQ0MDQ6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD1hMTZkNjNkMi0zNWEyLTRkOWItODhkMS00YjY4MjQxMDBhOWE=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:39 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://geissblog.koeln
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1923603015&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=a16d63d2-35a2-4d9b-88d1-4b6824100a9a&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY1OTEyMS4wMTQ0MDQ6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD1hMTZkNjNkMi0zNWEyLTRkOWItODhkMS00YjY4MjQxMDBhOWE=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 988 B
1 KB 28ms
27ms XHR
application/xml 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C17910822017349191264926337007%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 16515a9aa9d56b23b10db6979f7fab23dd04c2edb22b5d452adba1607dffd912

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:39 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 608
Expires: Wed, 03 Feb 2021 20:37:39 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame 4282 0
164 B 110ms
109ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 4282 0
164 B 111ms
110ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame A54C 2 KB
2 KB 101ms
101ms XHR
application/xml 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=61386737&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 726e1f66308fc58d7be07ce3134610c9e3925864cf5a30bc28236d90e5926be5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:39 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1363

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 8546 230 KB
61 KB 24ms
23ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:39 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
etag: "37ec3f32952873470d227dd7944c04e7"
x-hw: 1612384659.cds001.lo4.hn,1612384659.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62007

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame A649 0
0 25ms
24ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:39 GMT
cache-control: max-age=78393
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384659.cds001.lo4.hn,1612384659.cds074.lo4.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 99ms
99ms Other 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=61386737&m=&rtv=1&thost=geissblog.koeln
Protocol: H2
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:39 GMT
content-length: 0
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 8546 72 KB
6 KB 131ms
131ms XHR
application/json 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=61386737&m=&rtv=1&thost=geissblog.koeln
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e492ad4635c3d68ef74bf2e1007eecd5dfb78f1c856a3ef6e35db0670eb09ac7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Feb 2021 20:37:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5760

POST
H2 200 t Show response
t.lkqd.net/ Frame F52A 0
164 B 98ms
98ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
720 B 49ms
48ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C8199716254323992747791025590%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:40 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384660127058-116
Expires: Wed, 03 Feb 2021 20:37:40 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
719 B 68ms
67ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C15079701948199716254323992747%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:40 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384660182016-73
Expires: Wed, 03 Feb 2021 20:37:40 GMT

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
331 B 118ms
118ms XHR
application/xml 54.204.53.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fgeissblog.koeln%2F&maxduration=119&skip=0&site.domain=geissblog.koeln&device.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20OS%20X&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 54.204.53.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-53-197.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:39 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.hei...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=...

249 B
985 B

39ms
38ms

XHR
text/xml

3.123.200.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=f31a62e4-1687-4628-b6c3-a41d2956ab0e&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3My43NTI2ODY6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1mMzFhNjJlNC0xNjg3LTQ2MjgtYjZjMy1hNDFkMjk1NmFiMGU=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:40 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://geissblog.koeln
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=497356910&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=f31a62e4-1687-4628-b6c3-a41d2956ab0e&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3My43NTI2ODY6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1mMzFhNjJlNC0xNjg3LTQ2MjgtYjZjMy1hNDFkMjk1NmFiMGU=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
248 B 84ms
84ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=2090888742&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C15254423558199716254323992747,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:40 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.v...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewa...

249 B
985 B

47ms
47ms

XHR
text/xml

3.123.200.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d00aa25b-f529-45b5-a7d8-521ba7f66b5b&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3NC41NjEwMzU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1kMDBhYTI1Yi1mNTI5LTQ1YjUtYTdkOC01MjFiYTdmNjZiNWI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.200.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:40 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://geissblog.koeln
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=681284308&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d00aa25b-f529-45b5-a7d8-521ba7f66b5b&a.is_yahoo=0&redirect_y=dHM9MTYxMjM4NDY2MDE3NC41NjEwMzU6dXVpZD0iNzA3NzA3NjQyMTUzMDQ0MDY0NV9fVElNRV9fMjAyMS0wMi0wMysxMiUzQTM3JTNBMzQiOmFwaWQ9VkFhNGZjZDZhNC02NjVmLTExZWItYTExOS0wNjg0ODliNjY1ZmY6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1kMDBhYTI1Yi1mNTI5LTQ1YjUtYTdkOC01MjFiYTdmNjZiNWI=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 78ms
36ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?_fw_gdpr=&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C8199716254323992747719192940,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 28f4a5c83a1f4015a55df7f6a924b86059f76228b4562950c93278d1a4497b92

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:40 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1244
x-sticky-vk: 1612384660207028-116
Expires: Wed, 03 Feb 2021 20:37:40 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame F52A 0
164 B 108ms
107ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8546 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_9533396a.js Show response
vpaid.springserve.com/production/ Frame 0CC6 475 KB
98 KB 9ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3d155e9c53e2d5a8dd9a6ebfe967779bdd166b7aac2b39e38854e604b481f1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:40 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 16:21:51 GMT
server: AmazonS3
x-amz-request-id: E1DCFD21ED3E7E9A
etag: "1225f68bb263c18c2006a35fdc8a452c"
x-hw: 1612384660.dop160.fr8.t,1612384660.cds254.fr8.hn,1612384660.cds209.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2182526
accept-ranges: bytes
content-length: 99770
x-amz-id-2: MrftzhWajDbvm3IN7/Ae/RDJD0MMMu7KR/kEmkM+pZwNEsSf7AamZLisr8MhAIpRQ5C5y1TU3EU=

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 0CC6 959 B
1 KB 29ms
27ms XHR
application/xml 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 30bae67f8f1decf7933e12c655978dddb2b92821069a85f6192fad6c7b21f5bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 588
Expires: Wed, 03 Feb 2021 20:37:40 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 0CC6 0
216 B 30ms
29ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 218945 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 0CC6 0
1 KB 157ms
89ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/218945
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 03 Feb 2021 20:37:40 GMT
X-SpotX-Timing-Transform: 0.000455
X-SpotX-Timing-SpotMarket: 0.061709
X-SpotX-Timing-Page-Mux: 0.001155
X-SpotX-Timing-Page-Require: 0.000410
X-fe: 047
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000057
X-SpotX-Timing-Page: 0.068190
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000351
Last-Modified: Wed, 03 Feb 2021 20:37:40 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.027970
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://geissblog.koeln
X-SpotX-Timing-Page-Misc: 0.004035
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.033739
X-SpotX-Timing-Page-URI: 0.000017
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame F52A 0
164 B 101ms
101ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 550A 150 KB
35 KB 35ms
35ms Script
text/javascript 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 831F 0
0 30ms
30ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=168757
Expires: Fri, 05 Feb 2021 19:30:17 GMT
Date: Wed, 03 Feb 2021 20:37:40 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 550A 37 KB
14 KB 30ms
29ms Script
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=168757
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Fri, 05 Feb 2021 19:30:17 GMT

GET
H/1.1 200
OK AdServerServlet
vid.pubmatic.com/AdServer/ Frame 550A 27 B
0 24ms
23ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384660401&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:40&ranreq=0.9389138434554689&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 0CC6 959 B
1 KB 28ms
27ms XHR
application/xml 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 30bae67f8f1decf7933e12c655978dddb2b92821069a85f6192fad6c7b21f5bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 588
Expires: Wed, 03 Feb 2021 20:37:40 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 0CC6 0
124 B 22ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384660&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:40 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame B72E 150 KB
35 KB 34ms
33ms Script
text/javascript 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 9738 0
0 29ms
29ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=168756
Expires: Fri, 05 Feb 2021 19:30:17 GMT
Date: Wed, 03 Feb 2021 20:37:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B72E 37 KB
14 KB 30ms
29ms Script
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=168756
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Fri, 05 Feb 2021 19:30:17 GMT

GET
H/1.1 200
OK AdServerServlet
vid.pubmatic.com/AdServer/ Frame B72E 27 B
0 24ms
23ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661015&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:41&ranreq=0.6463091208546228&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 0CC6 67 B
720 B 58ms
56ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fgeissblog.koeln%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1612384660076&width=400&height=225&dnt=&ip=&ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:41 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384661521090-130
Expires: Wed, 03 Feb 2021 20:37:41 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 0CC6 0
124 B 33ms
32ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384660&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:41 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 0CC6 959 B
1 KB 55ms
54ms XHR
application/xml 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 61869c34b57fe454b5df9c0af266893b8772ee9c0e805b0b7b342c303de914d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 588
Expires: Wed, 03 Feb 2021 20:37:41 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame EDFC 150 KB
35 KB 57ms
57ms Script
text/javascript 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame AD34 0
0 29ms
29ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=C45DD07C-BE99-4332-95FC-6A74D5BD3333; chkChromeAb67Sec=1; DPSync3=1613520000%3A226_221_219_201; SyncRTB3=1614902400%3A203%7C1613174400%3A63%7C1613606400%3A35%7C1613520000%3A99_21_13_56_166_220_55_88_161_81_189_222_22_204_165_3_71_176_7_8_78_5_54_223%7C1612915200%3A15_2_67; KRTBCOOKIE_80=16514-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&22987-CAESECfmh30TipFEgW6rwZYqRh8&KRTB&23025-CAESECfmh30TipFEgW6rwZYqRh8; PUBMDCID=3; KRTBCOOKIE_153=19420-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt&KRTB&22979-YkR8fGRNdXh5Q318YxFgKDVDfX15En4sMRCNqXzt; KRTBCOOKIE_409=22966-ROmCg1MlzCMqVgObuhvDWQe1&KRTB&23212-ROmCg1MlzCMqVgObuhvDWQe1; SPugT=1612384655; KRTBCOOKIE_336=5844-526843072254799076; KRTBCOOKIE_1101=23040-6925139361812838545; KRTBCOOKIE_27=16735-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&16736-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23019-uid:1f44601b-098f-4600-8e98-90833ff98e5e&KRTB&23114-uid:1f44601b-098f-4600-8e98-90833ff98e5e; KRTBCOOKIE_22=14911-2776833428396175541; KRTBCOOKIE_377=6810-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&22918-0b01c49c-d453-4034-9015-86cc3479a2d3&KRTB&23031-0b01c49c-d453-4034-9015-86cc3479a2d3; KRTBCOOKIE_466=16530-f84afd3c-d21a-4f91-bfae-e44fe2d7147c; KRTBCOOKIE_391=22924-538953412995131601; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_cf76ae7f-9b4a-4ffc-b74b-46e10133ce41; KRTBCOOKIE_699=22727-AACtkU7ANhMAABD_sX6daA; PugT=1612384656; KRTBCOOKIE_107=1471-uid:4oaiEi7w1L7oU85; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=168756
Expires: Fri, 05 Feb 2021 19:30:17 GMT
Date: Wed, 03 Feb 2021 20:37:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EDFC 37 KB
14 KB 30ms
29ms Script
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=168756
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Fri, 05 Feb 2021 19:30:17 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 0CC6 0
124 B 22ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384660&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:41 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H/1.1 200
OK AdServerServlet
vid.pubmatic.com/AdServer/ Frame EDFC 27 B
0 24ms
23ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661739&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3%2021:37:42&ranreq=0.7496495509631029&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 0CC6 0
116 B 116ms
115ms XHR
text/plain 3.139.146.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=154ed889&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_9533396a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.146.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 0CC6 0
124 B 22ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1612384661&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:42 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 2EFC 327 KB
111 KB 32ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 032b2d45a9f92ee935c0529aba9168c57287f2f704e6c55bed51aec12bc8dd40

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 03:02:41 GMT
ETag: "1612321361"
X-HW: 1612384662.dop226.fr8.t,1612384662.cds016.fr8.shn,1612384662.cds016.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 112981

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 2EFC 25 KB
25 KB 28ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1612384662457
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 20:37:42 GMT
Last-Modified: Wed, 09 Dec 2020 03:19:01 GMT
ETag: "1607483941"
X-HW: 1612384662.dop245.fr8.t,1612384662.cds243.fr8.shn,1612384662.cds243.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

getuid
ib.adnxs.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1939dbfb9d5c3ac1f8c3e633901aff87&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g030_6925139391862573939
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKtvz_IozzqjpiaHKbxzcSk&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b01c49c-d453-4034-9015-86cc3479a2d3
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YBsJl...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YBsJlgAAAJCoXFZV&_test=YBsJlgAAAJCoXFZV
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1f44601b-098f-4600-8e98-90833ff98e5e&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=538953412995131601
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2776833428396175541
https://pr-bh.ybp.yahoo.com/sync/stickyads/1939dbfb9d5c3ac1f8c3e633901aff87&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-q6uFQgR1lwTevzkj_LxB3Fyw0yWo7J.RZnAyr929
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4797849&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aaab4810-665f-11eb-9da8-4b9782986078
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 2EFC 301 B
855 B 42ms
42ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fgeissblog.koeln%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:42 GMT
Server: nginx
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1612384662458057-97
Expires: Wed, 03 Feb 2021 20:37:42 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 2EFC 67 B
720 B 67ms
67ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C53393%2C1%2C8199716254323992747719192940%2C%2C&vav=b0e17f0e3fd0891c7d70425617b1033b&vaviv=05221e514093bc3ce7d50cd3a00c4fee&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.7.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fgeissblog.koeln%2F&locDebug=LOC-ERRJS001%20-%20top%20window%20location%3A%20https%3A%2F%2Fgeissblog.koeln%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:42 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384662476051-101
Expires: Wed, 03 Feb 2021 20:37:42 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame F52A 0
164 B 100ms
100ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=

170 B
224 B

17ms
16ms

Image
image/png

2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTkzOWRiZmI5ZDVjM2FjMWY4YzNlNjMzOTAxYWZmODc=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1612384662507058-49
Expires: Wed, 03 Feb 2021 20:37:42 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

302ms
101ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=1939dbfb9d5c3ac1f8c3e633901aff87&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1612384662551019-163
Expires: Wed, 03 Feb 2021 20:37:42 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame F52A 0
164 B 169ms
169ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 202 event Show response
events.apester.com/ 0
46 B 115ms
115ms XHR
text/plain 35.190.63.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://events.apester.com/event

Requested by

Host: static.apester.com
URL: https://static.apester.com/js/sdk/latest/apester-javascript-sdk.min.js?ver=3d5dc5665cea50f737a4f8559abdb5dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
date: Wed, 03 Feb 2021 20:37:43 GMT
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

OPTIONS
H2 204 event
events.apester.com/ Frame 0
0 116ms
116ms Other 35.190.63.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://events.apester.com/event
Protocol: H2
Server: 35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: OPTIONS,OPTIONS
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 86400
date: Wed, 03 Feb 2021 20:37:43 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 ad Show response
v.lkqd.net/ Frame A54C 2 KB
2 KB 101ms
101ms XHR
application/xml 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=21239248&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 910cf6c204c863028ff7aea6b45b5c11227b0275d4bb811a99e485ef19d85c3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:43 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1364

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 0780 230 KB
61 KB 23ms
23ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
etag: "37ec3f32952873470d227dd7944c04e7"
x-hw: 1612384663.cds001.lo4.hn,1612384663.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62007

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 6377 0
0 23ms
23ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:43 GMT
cache-control: max-age=78389
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384663.cds001.lo4.hn,1612384663.cds074.lo4.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 0780 29 KB
3 KB 114ms
114ms XHR
application/json 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=21239248&m=&rtv=1&thost=geissblog.koeln
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: eb581bc3e5b5448032aeb3fdb12ce8759ec3900f24f01e9eeba328af46e89f31

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Feb 2021 20:37:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3053

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 98ms
98ms Other 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=21239248&m=&rtv=1&thost=geissblog.koeln
Protocol: H2
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:43 GMT
content-length: 0
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 t Show response
t.lkqd.net/ Frame 904C 0
164 B 97ms
97ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
720 B 58ms
58ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C2804625542583770036589320416%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:43 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384663455011-100
Expires: Wed, 03 Feb 2021 20:37:43 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
719 B 66ms
65ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C20030552922804625542583770036%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:43 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384663399091-49
Expires: Wed, 03 Feb 2021 20:37:43 GMT

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
248 B 78ms
78ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=977711088&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C4055333892804625542583770036,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:43 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame 904C 0
164 B 98ms
98ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 904C 0
164 B 101ms
101ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame A54C 2 KB
2 KB 101ms
100ms XHR
application/xml 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=42108759&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 92c4719f9f4479d85a7642e886d5686e89c2810bc8c51b603dd814cb1bfb1840

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:44 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1366

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame DE10 230 KB
61 KB 24ms
23ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
etag: "37ec3f32952873470d227dd7944c04e7"
x-hw: 1612384664.cds001.lo4.hn,1612384664.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62007

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame F568 0
0 24ms
24ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:44 GMT
cache-control: max-age=78388
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384664.cds001.lo4.hn,1612384664.cds074.lo4.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 98ms
98ms Other 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=42108759&m=&rtv=1&thost=geissblog.koeln
Protocol: H2
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:44 GMT
content-length: 0
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame DE10 37 KB
3 KB 114ms
114ms XHR
application/json 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=42108759&m=&rtv=1&thost=geissblog.koeln
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 04d5e0f005edfea0d17fc9f65bcbf538336319cb6ffaf21560d1f6c4aa15cb81

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Feb 2021 20:37:44 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3357

POST
H2 200 t Show response
t.lkqd.net/ Frame 9E40 0
164 B 98ms
98ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:44 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
718 B 125ms
124ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C17215696606489915181340092611%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:44 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384664571020-7
Expires: Wed, 03 Feb 2021 20:37:44 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
720 B 65ms
64ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C18616226871721569660648991518%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:44 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384664517090-163
Expires: Wed, 03 Feb 2021 20:37:44 GMT

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
248 B 89ms
89ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=1885889868&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C5966684171721569660648991518,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:44 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX Show response
ads.adaptv.advertising.com/a/h/ 2 KB
1 KB 23ms
23ms XHR
text/xml 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=1734474496&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fgeissblog.koeln%2F&eov=eov

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-110-9.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

b8d4c8b700daf90c7d4811e7e2a82151c42e5c983c10a3aa93bddb66aa33f904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://geissblog.koeln
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 905
expires: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 98ms
98ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

POST
H2 200 t Show response
t.lkqd.net/ Frame 9E40 0
164 B 113ms
113ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:44 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 9E40 0
164 B 110ms
110ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:44 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame A54C 2 KB
2 KB 101ms
100ms XHR
application/xml 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=93146559&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 014ae9a3515e483b799b45028995f37ca64de416b17b09128fe311394e15696f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:45 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1361

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 7B32 230 KB
61 KB 23ms
22ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:45 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
etag: "37ec3f32952873470d227dd7944c04e7"
x-hw: 1612384665.cds001.lo4.hn,1612384665.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62007

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 8481 0
0 22ms
22ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 20:37:45 GMT
cache-control: max-age=78387
content-encoding: gzip
content-length: 1855
content-type: text/html
last-modified: Thu, 14 Jan 2021 20:16:54 GMT
accept-ranges: bytes
etag: "e9caae8bfca78f42f31517057bcbc6c7"
x-hw: 1612384665.cds001.lo4.hn,1612384665.cds074.lo4.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 7B32 29 KB
3 KB 113ms
113ms XHR
application/json 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=93146559&m=&rtv=1&thost=geissblog.koeln
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: eea398272a92d182352e66fbe65900b2a64c380ae68173e5d89c0fbbfb803137

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Feb 2021 20:37:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://geissblog.koeln
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3055

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 98ms
98ms Other 146.20.132.64
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1077158&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fgeissblog.koeln%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C53393%2C1%2C&c4=&c5=&c6=53393&rnd=93146559&m=&rtv=1&thost=geissblog.koeln
Protocol: H2
Server: 146.20.132.64 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:45 GMT
content-length: 0
access-control-allow-origin: https://geissblog.koeln
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 t Show response
t.lkqd.net/ Frame 10FC 0
164 B 97ms
97ms XHR
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://geissblog.koeln
date: Wed, 03 Feb 2021 20:37:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Other
text/plain 146.20.128.101
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.128.101 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geissblog.koeln
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 03 Feb 2021 20:37:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://geissblog.koeln

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
577 B 78ms
77ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C65093650191332388811392821097%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:45 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384665536055-91
Expires: Wed, 03 Feb 2021 20:37:45 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
579 B 46ms
45ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C12917071356509365019133238881%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 20:37:45 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://geissblog.koeln
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1612384665538023-90
Expires: Wed, 03 Feb 2021 20:37:45 GMT

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM4ZTk3N2ItMTJiOC02NjYwLTdjMjYtNGE0MmY1MTczMWYz

0
0

GET
H2

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,

48 B
249 B

29ms
29ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://geissblog.koeln/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 20:37:45 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 03 Feb 2021 20:37:45 GMT
via: 1.1 google
server: OXGW/16.202.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fgeissblog.koeln%2F&cb=259613552&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C53393%2C1%2C19893911216509365019133238881,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://geissblog.koeln
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

OPTIONS t
t.lkqd.net/ Frame 0
0

POST t
t.lkqd.net/ Frame 10FC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM4ZTk3N2ItMTJiOC02NjYwLTdjMjYtNGE0MmY1MTczMWYz

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
geissblog.koeln/	1970-01-19 15:53:06	Name: _pk_ses.2.f296 Value: *
geissblog.koeln/	1970-01-19 15:53:08	Name: _wpss_p_ Value: N%3A0%20%7C%20
.geissblog.koeln/	1970-01-20 09:24:16	Name: _ga Value: GA1.2.377372049.1612384653
geissblog.koeln/	1970-01-20 01:18:59	Name: _pk_id.2.f296 Value: 31b44bcba0198bbf.1612384653.1.1612384653.1612384653.
.geissblog.koeln/	1970-01-20 00:38:40	Name: consentUUID Value: cbd61669-2f63-41c9-8a97-565696f568d4
geissblog.koeln/	1970-01-19 15:53:08	Name: JCS_INENREF Value:
geissblog.koeln/	1970-01-19 16:36:16	Name: _sp_v1_lt Value: 1:
geissblog.koeln/	1970-01-19 16:36:16	Name: _sp_v1_uid Value: 1:234:bbb027c4-1495-49f7-896e-ded9d56a0447
geissblog.koeln/	1970-01-19 16:36:16	Name: _sp_v1_opt Value: 1:
geissblog.koeln/	1970-01-19 15:53:08	Name: JCS_INENTIM Value: 1612384652848
geissblog.koeln/	1970-01-19 16:36:16	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKBjLyQAyD2lidGKVUEDOvNCcHyC4BK6iurVWKBQAW54XRMAAAAA%3D%3D
geissblog.koeln/	1970-01-19 16:36:16	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
.geissblog.koeln/	1970-01-19 15:54:31	Name: _gid Value: GA1.2.1952379983.1612384653
.geissblog.koeln/	1970-01-19 15:53:04	Name: ckon2102 Value: sject2102_609d9c890b106
geissblog.koeln/	1970-01-19 15:53:08	Name: _wpss_h_ Value: 2
geissblog.koeln/	1970-01-19 16:36:16	Name: _sp_v1_data Value: 2:241830:1612384652:0:1:0:1:0:0:_:-1
geissblog.koeln/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8206d2ddf96872af3acbdba1debeb6e4
.geissblog.koeln/	1970-01-19 15:53:08	Name: SJECT2102 Value: CKON2102
geissblog.koeln/	1970-01-19 16:36:16	Name: _sp_v1_csv Value: null
.geissblog.koeln/	1970-01-19 15:53:19	Name: c0c1f1f8691795a875858e6fcd0279bd Value: 60b65f4c57c66cd45825f4d081efe526
.geissblog.koeln/	1970-01-19 15:53:04	Name: _gat_steadyGATracker Value: 1
.geissblog.koeln/	1970-01-19 16:36:16	Name: __cfduid Value: d07d69b02a5d96527cab00f0fba706e511612384652

90 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://geissblog.koeln/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1) Message: bootstrap [object HTMLDocument] loading
console-api	log	URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.
console-api	log	URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1) Message: bootstrap [object HTMLDocument] interactive
console-api	log	URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1) Message: initialize
console-api	log	URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F(Line 105) Message: Retrieved data from TCF API, calling reload go
console-api	log	URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F(Line 66) Message: Consent Reload Go: Unable to retrieve page href, using document.URL instead: https://geissblog.koeln/
console-api	log	URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93421&referer=https%3A%2F%2Fgeissblog.koeln%2F(Line 84) Message: VM: ReloadGo - Found consent type: euconsent
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.standalone.js(Line 2) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: 'placements' parameter is empty
console-api	log	URL: https://cdn.recognified.net/rd.loader.php?pub_id=246(Line 1) Message: bootstrap [object HTMLDocument] complete
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384655168
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:35&ranreq=0.11370945510546848&timezone=1&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:PM AdRequest Time: 1.927secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Ad Error Time: 1.929secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Total Component Time since player call: 1.986secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,&us_privacy=&cb=1612384657197
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:37&ranreq=0.9073923620928164&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:PM AdRequest Time: 0.529secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Ad Error Time: 0.53secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-info:Total Component Time since player call: 0.589secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384653991,,(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384660401
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:40&ranreq=0.9389138434554689&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:PM AdRequest Time: 0.532secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Ad Error Time: 0.534secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Total Component Time since player call: 0.581secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661015
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:41&ranreq=0.6463091208546228&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:PM AdRequest Time: 0.532secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Ad Error Time: 0.534secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Total Component Time since player call: 0.581secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Value of localStorageDebugLevel received from local storage: null and the value received in parameter for setting the debug level is: 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,&us_privacy=&cb=1612384661739
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgeissblog.koeln%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgeissblog.koeln%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-2-3 21:37:42&ranreq=0.7496495509631029&timezone=1&depth=0&gdpr=1&gdpr_consent=CPBBlUVPBBlUVAGABCENBLCgAAAAAH_AABpYAAAMvAIMAAUAAAEEAAQIFCIQAAQhiQAAAABFCIBAJIAEigAGVwEcgAEACAxAQgQAgBAQgwCAAQAAJIAgBACgQCAAiAQAAgAEAIAAEAAILACQEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABATGQBwBHADLAGoAUsA3gCYgGBCAAIC6BEAgAKwAywBqAEAAKWAawA-QDAhIAEABwQAEAvIBkYSAgAAgAKwAiQBlgDUAIAAUsAxQBrADeAHyARUAmIBMoDAgGDBQAIAwgwAEBdAaAUAFYAZYA1ACAAEFAKWAawA3gB8gGBBwAIADhUAcARwAywBqAFLAN4AmIBgQ4ACAA4dAGACsANQAsQBigDqALtHgAQEVEIAwAjgBqAFDAMUAdQBdpIACAT4lAIAAQAG0ARIAwgDFAHUAPkAu0mABARUUgBgFDAVsAu0A.YAAAAAAAAAAA
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:PM AdRequest Time: 0.531secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Ad Error Time: 0.533secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-info:Total Component Time since player call: 0.603secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgeissblog.koeln%2F&schain=1.0,1!vidoomy.com,53393,1,1612384660076,,(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.lkqd.net
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
aktrack.pubmatic.com
cdn.privacy-mgmt.com
cdn.recognified.net
cdn.stickyadstv.com
cm.adsafety.net
cm.g.doubleclick.net
concheck.adsafety.net
confiant-integrations.global.ssl.fastly.net
dergeissbock.de
events.apester.com
fonts.googleapis.com
fonts.gstatic.com
geissblog-koeln.h5v.eu
geissblog.de
geissblog.koeln
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
images.intellitxt.com
k.intellitxt.com
pagead2.googlesyndication.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
rads.recognified.net
s.amazon-adsystem.com
s0.wp.com
search.spotxchange.com
ssum-sec.casalemedia.com
static.apester.com
static.criteo.net
stats.g.doubleclick.net
steadycdn.com
steadyhq.com
t.lkqd.net
ups.analytics.yahoo.com
v.lkqd.net
vast.emxdgt.com
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
vpaid.pubmatic.com
vpaid.springserve.com
www.google-analytics.com
www.google.com
www.google.de
cm.g.doubleclick.net
ib.adnxs.com
t.lkqd.net
104.108.144.214
104.108.145.8
104.26.4.190
143.204.93.122
143.204.93.3
145.239.0.62
146.20.128.101
146.20.132.64
151.101.113.194
151.139.128.11
172.104.157.168
185.64.190.75
185.94.180.123
192.0.77.32
2.18.233.180
2.18.234.233
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:2a
2001:780:12e::138
2001:8d8:100f:f000::2b9
2a00:1158:1000:300::1ac
2a00:1288:110:c305::8000
2a00:1450:4001:802::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:821::2002
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638::3
3.123.110.9
3.123.200.209
3.124.119.192
3.126.56.137
3.139.146.156
3.17.116.255
35.190.63.234
35.190.72.53
35.244.159.8
37.157.6.245
37.252.173.27
54.172.220.77
54.204.53.197
72.21.206.140
80.82.217.101
85.159.214.153
92.51.173.106
92.51.173.91
014ae9a3515e483b799b45028995f37ca64de416b17b09128fe311394e15696f
032b2d45a9f92ee935c0529aba9168c57287f2f704e6c55bed51aec12bc8dd40
0407ab8c80d6b6d290c06dbc87a0fc3f8a48733e3f68384ff461274beae72b77
04d5e0f005edfea0d17fc9f65bcbf538336319cb6ffaf21560d1f6c4aa15cb81
0b150d0e7595c7dc3d57192608e357c28a2b3c4947c575968ef94eef996a829f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce059b70275fa2dc3bae871e79ab94fd41a6df2f892f35fdc2e767d6cb28411
0e1f00865632f19af5b67c4364aacef74cedc04f10a0fe31a8cb72a705bcecc9
110c2653a96926d70a4397465cd4ced2f3b01765805539284795209f7a954bd9
12a9d24387fd6ecf7a0f2d411c84c5ee6f6715e262044b7df6a443e43d80a2f4
13e10b02b411e6feee2ea5027b0fa2225421394d9c574d68c35a2669f5ecd625
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728
1567c856cddcbb3c01d32df57a1c18e1cfc5aed6633cf3e2cb36d6d32fa351d3
16515a9aa9d56b23b10db6979f7fab23dd04c2edb22b5d452adba1607dffd912
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
22518ff32f769e282e7b884f80b238038242e11fcd7c9ddf11a53285f6f4993a
240283237b08bd2f685051f02d08cd723fad52af6527196d8a60df2f6d6b46af
28f4a5c83a1f4015a55df7f6a924b86059f76228b4562950c93278d1a4497b92
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2926fe86c2990ffa67121178b0089226921b152eb6951b77517835a3d79804cd
2a23beaf4513879e5821fff335370ee59d0175fc87e6dd8a6fabbc76bb44a9d8
2bdfbfff7a24bc7dc4735a7aa4872a98cd780506db5b896abba8b21df4bec236
309c6e8ef5c13a765026d4bccc5bfae616174d9df2b559ae8ea63302035c40c1
30bae67f8f1decf7933e12c655978dddb2b92821069a85f6192fad6c7b21f5bd
356d3bf6231d3e130d390c9c92767564fa1dfc9466ba800199daf931284b5294
3971c15cce21ebc7e7e5503362ab05848463642d6d2b06931b5345ef060e9df6
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
3dd347f2e729a461cbb7297358ce65ae9f7bce3d5b3103173d016c532b281d7b
3f18c9dd8b5eafb489db91ada24384af952e74304eff7a1e9ab5fe595be371ce
3fe2418b9b19b1e77e916cd81a422923b3dc6d15b5825c28579aef52daee4975
415f323e0481fc1a1a50536ec9975dae2f874ce3feac615b1421286b6ba82461
41f368010c7b010fa6ca384325e23c731b0a70503b3d1f03b35de85257cf1fe2
42c695d173da802764ab3a8cafc72dc7e0e6aa9a1267f27c58b354419f19089b
43e9791e905a0885af60405def69585a7fbde323741c0285edd9785c21474c1f
4531fa9e33bdebbab12ece3bec25d0e0f0b79d2f72359cca9ccdd34afbff37b0
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
482710ea28ed8431d3de1f673789cd84f1487667e3f5978066853588d66fb9e1
4886c60ad92f6025d6f745334953547a5537a9c390eb9dd6cd3b6ad8d7b8e7af
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492e3c52a7dca7a3e295d9e9222dd92aa6953330879b5cd47ad1507ef1e17742
4bb9d8dee3132f6ed929ada15bde551fb14556bc70d106865c67df1e910c1991
4c4cee8f7b246b0ff524dee98d373fed410980244cbae7b996b816d80eb080ff
4cc7de5018528ebe122169cc075f7ccabeed2b115444e919f2f3288b8dfaebd3
4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380
53e1e85997f799693c71ee1ad64cbfb6ca48d4c1f2f9961d79e27b05261110be
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57941f510bd6902f2b0f4aa1668ab8cccb87229bd9f4e49994de6e47f51e12c6
5808873c15670e85f2a4c28425e35afdf1f28e9d13468907b13716099d290e4b
5c32e7709e9594c76e5b8c8d689b696f88237d60df0b1f6dd0b28d361469332c
5dd6512118172096e0b6fbd9e8073deabf6269b028c0ba5f1c1217b307b0ef02
61869c34b57fe454b5df9c0af266893b8772ee9c0e805b0b7b342c303de914d7
632af363989d420500a3fc1546178648f5aaa4f9aabb98666e62c3035fa423d1
64867330c618881aba8bdc9963936f5bf1d53f0532a2aee76433286d48329bfe
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
69aff18e54732eae1bb02c82d045c33f45675b017ba6dfdade80ab63a8e26bc5
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
70b09caeba9fd63d6fd8290b55eaf878222fe316ab270197ec3172edc653e1ae
726e1f66308fc58d7be07ce3134610c9e3925864cf5a30bc28236d90e5926be5
72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb
74001dbc57074e4f66703a182f03f607140065647c5a3a3658746157d86b42e3
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46
7b2ee61bcca53f60642717b52fbd8c07d37d0cd5459d9601abafe9ae10ab2c18
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856bfa53483ac7c6f78908c5c0e0a0beb48d6486847976f480a2f99af8580877
85be19406882557ca0b6f053ea6c9f29481f0d6323300399e54af9451bbea6f8
86b933ec2b1ef7c8740c9b3e2f3e8281de541822fa3aa69dc2946bb3496b1744
879e3af6287043464e0fcf6d609b1caebe514923a4a4e2ca2d79bd8ee719dbc9
8c38f9bba09e4a90a4e66ae16f97f374723520be8f99c5d1c22279526d856f92
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
903487e9cdcdedbee737f80e2b8f44078441ad98ff1ceea9a8c974945e9e567a
90cc47b7ee1983c168809d3b3f01938e69ef76ec8e1eada02a78206ee86c22c8
910cf6c204c863028ff7aea6b45b5c11227b0275d4bb811a99e485ef19d85c3d
92c4719f9f4479d85a7642e886d5686e89c2810bc8c51b603dd814cb1bfb1840
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
951a46f57bbcd40e1af08b7f7a6d4099abfc7e2934be2393540543a5f8a316c7
986161275fe50b92e5cff2ba4451df6e261be46d1705530ee7bbf3013c50d01d
9a7d3ac517457ab317841cbd51108aa3623c4e0839d2b53af410b4bd65f73ce7
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9e282a1a6fc13d3f400d49260d5bac86836ed14ed25a9a7734cdc7c0a6a8c1d4
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9faba832c85307453797f3e9d3337c9bf9817fce955383f607ae1187216ba328
9ffe55ff97371b9d4206e62591610875ef833cc3fce2ebf0c18a7971c480d30b
a0f4831384e5f952f5be620c856801cbe0f152c7d7e73dedb1716f68ca2a49ac
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4353bb5413e2671ebae1e8ab407a4279f471932ac64a582ce8f14dcf18d20b2
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad585fea5d77cebd31725e9e17719d38c5c45c6dbbd32372f81204cf88321b45
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecf16f6bec9a845516902a99ce2a2c4d7b0420d52a64a715b63134903b7546b
af01fc2add9ab53a9b3cc0d739ee7ea0c8608b7c6bff8cc9ca44ad9b27e64d46
b0d3cc7a2e6e9cde2ae9c89b0fd7448b6f5521aa4429c18aac727b578dc588f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8d4c8b700daf90c7d4811e7e2a82151c42e5c983c10a3aa93bddb66aa33f904
b9053c0d51e58c3e654f5f9da0ca1dbe610b1cf822b8ec20ae73a495bbc88c83
ba5057c879e4c611b8884e0d731a2a099e0056e6b29d6c9c94e815b25f58b4e7
c0cb5da73f240a6361735e79e009020a660b3e0df432f0c196b78866c74ee085
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4a0fb4da7f6db6ea3be9b26968272fd292b94084b4f85652c21a91e106613ff
c4a89513e5c0af25507ec453e7fae8e747598971213d5a665e65eddd2a274df8
c5c009465285f72f001f9cccb685bc3f34ae58ecf476105862c7a14c8456d351
c7cab0e16ac6bd8de5197689fb2d28a55319b060d504aa76083aac7b031752cf
cd0e982047bf2356b38e7edf3ec5004a739f80feaa98c398d85fb52b8b8f5dbc
ce2a59bd85aec76740de2bf1512de1aa6b2a08ad81365a9be849d2061da6f07d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c3c38ca2b702aaf088a403f6d73d6f3b4f561e6aed6243a567deb0e20ee960
d14d95bf869a40690d57037a66c664c7b14dc0bcf21afa9a6b1695a01ad3b56c
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d439a24b28c387574f72c2387db2cc61a74bfb2f8c9c2199c543bb5cd82fc342
d681a6179deb9541b37359c50e079cd1b2f7915c7fa9bc60baf52410ad722551
d6a8bf1f2a5d494feca74153daf9a45952a3258b43a93d94f059fc6134650d84
d76a875a6a7dd0a8e9f41d7bd5fe385740b81de4c2863c3ace33680de52c1aa3
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
d9f0ce42a0cb6c2deb2f8eb08cca8a8611aac043dfcb4a2f261070285235beb7
df98b96585a92a9b317abaea1250b40357f27c1aa51bd1f114f4652b340d11b8
e38cf91578f50198e03ee4b86f388824080ea719f69c585a6bc81b30b147fd98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e492ad4635c3d68ef74bf2e1007eecd5dfb78f1c856a3ef6e35db0670eb09ac7
e58815f5cb83e2bc136e9264be7c12c8fc19369d488584cf52ce658c51020bbe
e6706ad7dab8c9155c0f17f80b6fc3684c2b453c8e2c72f7e19eeb7e74700346
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e72d3ff191082ad0628ef5b8e82e7754a15206fa10c3ff75700c3fafc2b59db9
e90a4769a82aada9462eb562e3f1baedf42929d613329920a93b7df71c49ac4e
e92d87863aa3dd24afd96b84f15071988babf01efbc1cb87cd205f884d7c6f89
eb581bc3e5b5448032aeb3fdb12ce8759ec3900f24f01e9eeba328af46e89f31
ee9c1685d5ae2a28a30ce5298102d94630cf547a1bc10427756a05c934476f18
eea398272a92d182352e66fbe65900b2a64c380ae68173e5d89c0fbbfb803137
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2413aceda6dd8ed85aee246a26889c17cdfaf2347e673f84915cd9025a54ca4
f2b91b31467145ea200a71c5a17d4f43c93cb5b51af4af31c9a7fa0771f2ee8e
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3d155e9c53e2d5a8dd9a6ebfe967779bdd166b7aac2b39e38854e604b481f1d
f5ec33c9d4c50502468cf87211d2d0c424b0e2ca05b6b58713721cdd14d4c241
fa652365b96aee761c5987605599c7010286353f9c713706d10fc12a60d449e1
fd8bb2546a86dec43e711b8fa1cc7c58e3cc1bebdd80ccaa96dad4332e7ef27a
fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d

geissblog.koeln Open in urlscan Pro 104.26.4.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

291 Requests

97 %HTTPS

32 %IPv6

36 Domains

52 Subdomains

48 IPs

10 Countries

3922 kBTransfer

10257 kBSize

22 Cookies

8 Outgoing links

Page URL History

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

geissblog.koeln Open in urlscan Pro
104.26.4.190 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

97 %
HTTPS

32 %
IPv6

36
Domains

52
Subdomains

48
IPs

10
Countries

3922 kB
Transfer

10257 kB
Size

22
Cookies

291 HTTP transactions
3 data transactions