www.koreanslate.com Open in urlscan Pro
2606:4700:3033::6815:4067 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.koreanslate.com/korean-onion-on-sale.html
Submission: On November 18 via manual (November 18th 2022, 7:39:43 pm UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 23 domains to perform 115 HTTP transactions. The main IP is 2606:4700:3033::6815:4067, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.koreanslate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time www.koreanslate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3033::6815:4067	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
16	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
12	18.203.208.193 18.203.208.193	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1	18.133.151.109 18.133.151.109	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.66.11 65.9.66.11	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	18.133.102.8 18.133.102.8	16509 (AMAZON-02) (AMAZON-02)
115	29

9 2606:4700:3033::6815:4067 (United States)

ASN13335 (CLOUDFLARENET, US)

www.koreanslate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.203.208.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Krefeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.151.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-11.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.133.102.8 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-102-8.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	364 KB
12	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 8063	58 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	89 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	121 KB
9	koreanslate.com www.koreanslate.com	228 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 37050 hal900013.redintelligence.net — Cisco Umbrella Rank: 328954	80 KB
6	wp.com stats.wp.com — Cisco Umbrella Rank: 2615 i0.wp.com — Cisco Umbrella Rank: 3000 pixel.wp.com — Cisco Umbrella Rank: 2437	516 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 3284 pixel.mathtag.com — Cisco Umbrella Rank: 842	3 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 17892 api.webgains.io — Cisco Umbrella Rank: 57986	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 54022 medialead.de — Cisco Umbrella Rank: 53674	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	142 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 151128	6 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8709	914 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57421	420 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	40 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 129579	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 45190	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 226429	409 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 52539	607 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 191001	931 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	702 B
115	23

	Domain	Requested by
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.koreanslate.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
12	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.koreanslate.com googleads.g.doubleclick.net
9	www.koreanslate.com	www.koreanslate.com
6	fonts.gstatic.com	www.koreanslate.com fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	hal900013.redintelligence.net googleads.g.doubleclick.net
4	hal900013.redintelligence.net	hal9000.redintelligence.net hal900013.redintelligence.net
4	hal9000.redintelligence.net	www.koreanslate.com hal900013.redintelligence.net
4	i0.wp.com	www.koreanslate.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
2	api.webgains.io	analytics.webgains.io
2	www.google.com	1 redirects tpc.googlesyndication.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	www.googletagmanager.com	adv.office-partner.de
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	www.koreanslate.com
1	futalis.de	hal900013.redintelligence.net
1	pb.media01.eu	hal900013.redintelligence.net
1	adv.office-partner.de	hal900013.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	www.koreanslate.com
1	stats.wp.com	www.koreanslate.com
115	32

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
redintelligence.net R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
update.mediamathtag.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
adv.office-partner.de R3	`2022-11-02` - `2023-01-31`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
*.futalis.de R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.koreanslate.com/korean-onion-on-sale.html
Frame ID: D66A1B7BE3E0242AB8E8FD4861BD3159
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 3E53579FAEDCEB49DA9ADBDDB0F183EA
Requests: 1 HTTP requests in this frame

Frame: https://www.koreanslate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668787200
Frame ID: 0591EA69A32601B334A63E290953BE3B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189
Frame ID: EE96F3CC0FBFD607F8BE49794DE7016F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&adk=1812271804&adf=3025194257&lmt=1668800376&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376307&bpp=2&bdt=899&idt=139&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=278x600&nras=1&correlator=6566637968570&frm=20&pv=1&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=148
Frame ID: 045D289A3DF18B00600CB5D5B4F45814
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CWjUAeN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE4QFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJbn5Kqe42cqx36bpyM-1KXP9UlwRdKJN2f3lcQrpsysRwf0d3UTP6ABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkwNjgxNzQ2MzUxMTAxMDIYAA&sigh=4kz82o0GMQs&uach_m=[UACH]&cid=CAQSGwDq26N9Lm3fVdj_hClk3CDSxsiUdsm23y1wDRgBIBM&tpd=AGWhJmtAM4IVb3gGTju_-PzZyQfALtIOJ_ahMJB4RYftHiLQYgNQNq0ejKAo_eRXVqzZ1VNfg-da8K3kaXyBtlxkQXK07BfpYr7jmLvuARZaN9mUkNsGZJ1-FdhHUaKF5id4TrJgBkRuk4pPa4n8-eeH6sJWiRZ5b_tePdywGNM8xH7Rbs8tjjzIqGXysmfNkWcnwqTCpL3j9j0mob3J_LrW5FOMD8cNL8NyeNFTPPp-BVXxEYnLi8-X9gGK32vi1ffbzYBgIuYtZOuCBmyFN_vGZTHX8beCO-YYAObLOVFQENem49nsuSHd2g3cLWYoQx5xePjL5EiQeH73CErNVoYXH5t-0sWfOv-eBYZxYHd9Nn4927kO9Vg2PLbfabokKf7m2tp-uBL4zGwl_1Gdu-kXoWfTYUzPr-bauIs1uBT9OqHUvOGrpuvaKaIIfY0E9fs19bc_V2Dg90ro2Luhww6LDqQDGQu-UlndcmOAJiDHcHkdAWHc21zaJU6kKUmJLOqnldCxKuK7iHosBkI2KGNhljdDfGfKhqkbVhyYRcBrHqxrmL6q_K-ADYsvljlsf8kHsLivWDwQ_NHVceHw4Ymacyc-A4CL6GTzNE7NBxJ1FKKjkGkEw2bsILW_Gv1hk2g2f5yMtuPZ_mHFHKNb8eev2p54OkNCfUBy39u4ID8N8XGu3e5CvC2sBzU1XwGp_aYWOpmQG6gRISL_K-LHnhkIUDNG9-8bjocDpvr_DA1CK6aIXnTfr2vvc5I1GZarfO9N3KFPOCla9i4x2QMFP5va9QYIupv_rx4W9mkcic4OoQDefpYQI1Z6lppP6UHu7BmJoYBKHBNj44VdeTzO8M7k6Y1ZEA6WWuhhAKYwaZb4M3waHEnLkzZYgxy-xwd9QxdZMb1US8iD93SdKJCF_hXTNP5SHcpZzDVKRQIBLZ23if9fmre4b9vjY0Yifq23ZeZqhzrhYI__b4YhyfQfO_9I5Zy4Op7o7358waIDmOcXkNoO3xqj5LJ_MsgcfTzd28giUE6izH96s6uDyUMfhl_LgW1InkrfzM7ZkHHXNhHA7L5eIF1KMQ_JqUiTozOhIMIoQaorgLLQdGb9aA1AYbPa4qRcotZf13NLh6fJdUkiAjS6dHL6uWmhug
Frame ID: 3D068F4D64EC2931792B68DF49B25D94
Requests: 30 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A46ED6869E8F0A421F317479C5FBD663
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56895600119106500951395012147013&actionid=981741&produktid=&dt_url=
Frame ID: 18D1D01EA5D8C04FB70B1C8460F0E074
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1742856275
Frame ID: 5858BF4226A56755AF49A343FD668794
Requests: 2 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
Frame ID: E9E2A251FB8875A3DC175EDEE23AFA58
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=60&adk=2255544255&adf=2345549554&pi=t.aa~a.1240332057~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1668800377&rafmt=1&to=qs&pwprc=8288677238&format=1200x60&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800377403&bpp=2&bdt=1995&idt=2&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df55f6c837d979a01-22c1a31740cf00d0%3AT%3D1668800376%3ART%3D1668800376%3AS%3DALNI_MZJ11mxetuaaz--2827SlH3WAwirg&gpic=UID%3D00000b83e792c6ae%3AT%3D1668800376%3ART%3D1668800376%3AS%3DALNI_MbLiRXj-PK-WhPdKwXadiV1QjdFYw&prev_fmts=278x600%2C0x0&nras=2&correlator=6566637968570&frm=20&pv=1&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8RcA3Fumz&p=https%3A//www.koreanslate.com&dtd=12
Frame ID: B9DB6C1E395510A6ECE85A9AF3A91F98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: B2F01F1EEFC190F3BF91E82E99C64396
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: C50F913CDE1DEF57B827B80CB44CC0BA
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4A1EBAF8BD05DDF646DC8176B1A4BD68
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: DD98074B8847F61D916BE6ADD0F734C9
Requests: 1 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/9013f4f6-c248-4458-95c8-1d8505f39a1a
Frame ID: 293C28119D0CC3747DA8B5B6DAAE362F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F782FC37E9476747D3FB7BE0755BDE52
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 2D9A8ED91C5921BE9391DCEC3FDEC49B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8DB1BB574A622CFDFAEBC2B89FB1AB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E25C82EBF756D46623318EE9ABDFA97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Korean "Onion on Sale" - Korean Slate

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

115
Requests

97 %
HTTPS

47 %
IPv6

23
Domains

32
Subdomains

29
IPs

6
Countries

1692 kB
Transfer

3760 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=56895600119106500951395012147013&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56895600119106500951395012147013&actionid=981741&produktid=&dt_url=

Request Chain 41

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=56895600119106500951395012147013&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1742856275

Request Chain 44

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56895600119106500951395012147013 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56895600119106500951395012147013 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

115 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request korean-onion-on-sale.html Show response
www.koreanslate.com/ 28 KB
9 KB 944ms
852ms Document
text/html 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4f399b6c728c9f2bd4572caf839e9b76f2e8ac3c23ab82c8ce209d2eeac237

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 76c32c450ed0ca50-HAM
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 18 Nov 2022 19:39:35 GMT
expires: Fri, 18 Nov 2022 19:40:34 GMT
link: <https://www.koreanslate.com/wp-json/>; rel="https://api.w.org/" <https://www.koreanslate.com/wp-json/wp/v2/posts/4235>; rel="alternate"; type="application/json" <https://www.koreanslate.com/?p=4235>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeS5fTA2tLfForPynjLa%2FDVg63LODtQPHHHGQ8EjEJQTo6rKW4cnQFkbleqrge4pI4MWNz8Y%2F5Oe2D6gQlZZwCHAD82lgIyFRRaOp6t%2BhRNhi5DMzv58ZDOKjAzuv7FyQfO1qOIbSpL9n%2BSncrRRJcJI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 header-2723407904.css
www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/ 526 KB
100 KB 731ms
730ms Stylesheet
text/css 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/header-2723407904.css?ver=4.5.8
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1194ad91e9ab3317759527b185328e82aa8c9af982ccb75b2bc506ea42e47f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/korean-onion-on-sale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 05:41:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tg1ec0iOth9nwILNu8lPvggYU5xv9wP0sqSvQO%2FF6OwZfmbvppZ7bTOQJnSugSyYzDXHqGfUuvSGjNuk8bkNd2wfwPVWHWts%2BWhFMwJmlXfomhyBckzGKwfUYfOVapBnO1TxS02Lclxu%2BA9XXCxEnyXq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 76c32c4a6dbcca50-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 19:39:35 GMT

GET
H2 200 header-2723407904.js Show response
www.koreanslate.com/images/themify/cache/themify-ultra/scripts/4235/single/ 104 KB
37 KB 511ms
510ms Script
application/javascript 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/scripts/4235/single/header-2723407904.js?ver=4.5.8
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516a278100fb179d1a12f89f989990d416b892e6113bdb3c61b8c24f5f9177c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/korean-onion-on-sale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 05:41:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwXhlae1AV8Qey4t%2ByBS7ftqjzSKqs7KpoFzHJiV%2F8OleG7CUUE7cAFYKIRgdCeUvGOMrmx0RITlNelQ9p4qUuQqbgLOrgyHEcuwQ74PJbVlPNfosxhBD7upnrkXOetSLicuy46H0NTXpDLLKVzbE%2FnL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 76c32c4a6dbdca50-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 19:39:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 94ms
43ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fc8f078df6ecfeacb97ef1c2cd104ddb6df0c258bbf7291de6d970f9863e574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49250
x-xss-protection: 0
server: cafe
etag: 10912669894737033073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
H2 200 e-202246.js Show response
stats.wp.com/ 9 KB
3 KB 75ms
22ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202246.js
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 23:57:24 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.koreanslate.com/wp-includes/js/ 18 KB
5 KB 326ms
326ms Script
application/javascript 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/wp-includes/js/wp-emoji-release.min.js?ver=8ba0ebe525cefd5558b4b416726a03e6
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/korean-onion-on-sale.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 18:20:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZULpa0nkvQBUA6I5Tu1oyRy2jKP7BYqaXYGw8VS%2FWgeXWzvQvUxlf%2FKowlD60Msp9igDB1KTZYmB%2BSIbSsDV7png%2F9gneMshNZpqFqayCCq%2Bda0alPUSEyKx1ojte%2FQRATG8wOj2ohXuA4vL6Y7DdyE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 76c32c4eefb7b99a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 19:39:36 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v21/ 29 KB
16 KB 83ms
31ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/header-2723407904.css?ver=4.5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4525cd9ae95192b55584f18baef83bf3969bba9f8fa40caec36fbc4c3dacda92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Origin: https://www.koreanslate.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16635
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:12:41 GMT

GET
H3 200 selima_-webfont.woff2
www.koreanslate.com/wp-content/themes/themify-ultra/skins/sushi/fonts/ 52 KB
53 KB 504ms
504ms Font
font/woff2 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/wp-content/themes/themify-ultra/skins/sushi/fonts/selima_-webfont.woff2
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/header-2723407904.css?ver=4.5.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c67778bd3e6870eb667bd999f4498630c4e6a6df0c54f8e3e30c0355b815cc

Request headers

Referer: https://www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/header-2723407904.css?ver=4.5.8
Origin: https://www.koreanslate.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Jun 2019 01:08:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vSbpZh99af3n%2Fx5RgK1ZAXH4FRM3FTE8sfIxDxnUONdjevM40gdKIoM%2FMovStLLoRf0wdxdToxOgIVZgxyQx5Tg%2BKVQYkKcAETfxclOZvL%2BXmolxHtmJyFQhjB837QFvPpgMU%2BFY0k%2BZffl4ssZQFW5"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76c32c4f78a3b99a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53248
expires: Fri, 25 Nov 2022 19:39:36 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0a10e3f2356094515d7338bf8231930942e083eeda06bd556c205f16c947af9

Request headers

Referer
Origin: https://www.koreanslate.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v21/ 29 KB
16 KB 104ms
55ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdr.ttf

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/header-2723407904.css?ver=4.5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0412558673e7e7f8538c79e0c3c474347bc47372e295d66653c61f575b3d2c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Origin: https://www.koreanslate.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 07:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16703
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 07:55:24 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v21/ 29 KB
17 KB 73ms
24ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/header-2723407904.css?ver=4.5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6594b89e779911abdc83142c7e13906e1017b329ef70373d136c2f4d6264796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Origin: https://www.koreanslate.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 23:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16730
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:38:58 GMT

GET
H2 200 onion-on-sale.png
i0.wp.com/www.koreanslate.com/images/ 327 KB
328 KB 606ms
560ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.koreanslate.com/images/onion-on-sale.png?resize=1024%2C585&ssl=1

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

60969324ccc7109275c72bd7304351267b140854fd6f4a736b25b0221350d8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Fri, 18 Nov 2022 19:39:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Nov 2022 19:39:36 GMT
server: nginx
etag: "9593634030e1d13f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.koreanslate.com/images/onion-on-sale.png>; rel="canonical"
content-length: 335016
expires: Mon, 18 Nov 2024 07:39:36 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 103ms
58ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9068174635110102&plah=www.koreanslate.com&bust=31070969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc6dba4a19e244531824086be63c152c4c32a9bc614f7ab2b674bbb51e56536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119165
x-xss-protection: 0
server: cafe
etag: 1545598121992092207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a82aff100bacf5d26f08fca4854acfe693e0aecb8cbbbeb81c17dbe0e7fa3273

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v21/ 29 KB
16 KB 64ms
47ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/styles/4235/single/header-2723407904.css?ver=4.5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90833670c6fb77530d94509b7e8e7c64dec8bf1259285d51778db4ddfb7c317e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Origin: https://www.koreanslate.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16726
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 14:45:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 3E53 10 KB
5 KB 82ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 15:35:42 GMT
etag: 10353107486223812946
expires: Fri, 02 Dec 2022 15:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bibimbap-bowl-egg.jpg
i0.wp.com/www.koreanslate.com/images/ 22 KB
22 KB 92ms
91ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.koreanslate.com/images/bibimbap-bowl-egg.jpg?resize=394%2C330&ssl=1

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

73d9f27912dab2728e2b953e7302c4f4ec6f9fbdb285758066300a1e18f50e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Fri, 18 Nov 2022 19:39:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Nov 2022 19:39:36 GMT
server: nginx
etag: "6f93eb30aaf61a5c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.koreanslate.com/images/bibimbap-bowl-egg.jpg>; rel="canonical"
content-length: 22042
expires: Mon, 18 Nov 2024 07:39:36 GMT

GET
H2 200 seoul_palace.jpg
i0.wp.com/www.koreanslate.com/images/ 18 KB
19 KB 72ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.koreanslate.com/images/seoul_palace.jpg?resize=394%2C330&ssl=1

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8d418d85440d919bdf6b5df1deb3c93c7c28e5cd82588dbe71d7dff82de321e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Fri, 18 Nov 2022 19:39:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Nov 2022 19:39:36 GMT
server: nginx
etag: "0135846c5da52d77"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.koreanslate.com/images/seoul_palace.jpg>; rel="canonical"
content-length: 18764
expires: Mon, 18 Nov 2024 07:39:36 GMT

GET
H2 200 korean-boy-girl-traditional-costume.png
i0.wp.com/www.koreanslate.com/images/ 144 KB
145 KB 29ms
29ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.koreanslate.com/images/korean-boy-girl-traditional-costume.png?resize=394%2C330&ssl=1

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

77f3246b47368a48f88d39a5442e815131d2b699997d725262edf97223f870fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 18 Nov 2022 19:39:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 09:26:57 GMT
server: nginx
etag: "03ba50f847785bb7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.koreanslate.com/images/korean-boy-girl-traditional-costume.png>; rel="canonical"
content-length: 147874
expires: Thu, 07 Nov 2024 21:26:57 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 28ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=8280128&post=4235&tz=-8&srv=www.koreanslate.com&j=1%3A11.5.1&host=www.koreanslate.com&ref=&fcp=1781&rand=0.822890628080748
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Nov 2022 19:39:36 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 korean-onion-on-sale.html Show response
www.koreanslate.com/ 2 KB
1 KB 1272ms
1272ms XHR
application/json 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koreanslate.com/korean-onion-on-sale.html?relatedposts=1

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/images/themify/cache/themify-ultra/scripts/4235/single/header-2723407904.js?ver=4.5.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c8d37b178cfe8027f5c6c8224420d4b3f30bdd7bcda9212190aff6392f50a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koreanslate.com/korean-onion-on-sale.html
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Et%2FebAx56PBio9ANVnFdgkrzBVRKt%2F%2B%2BzHK22e%2FxYbXK7CZupy0A%2FwtY6hmD8I86b6Dhg543DcqJtMx5Lt9rB065nV5ubZrDMwnJeqoZ3lbxUJfmFzyor97gXxmXXpAl%2FON1ICaZbMguELgxLd4VQv1j"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 76c32c4ff998b99a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
H3 200 invisible.js Show response
www.koreanslate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0591 34 KB
14 KB 44ms
43ms Script
application/javascript 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668787200
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c70851603681fce3a9bdcdef3c6bab5be35889394b8e394a06f5a9b40f27e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P2clSIXqf9lDzEgeS92k6zxRHL1OMb8iuD%2FsuRpsZntTpEv%2BfBBLVY4Pf%2BhD8EwBPE4mY%2BIzlb4aI6nXHqnX%2B%2FUkiO6ZcWTRsiCx1hkufrufUXz01L7fUmcuUwLmEHdxzzWRzK89l5HBHgQTyBjwvO2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76c32c50099fb99a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
www.koreanslate.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0591 20 KB
9 KB 45ms
44ms Other
application/javascript 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c208587573bb80a0f12f92c421d12ec1882aea3e240ee103809a4ce703d80509

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLYN9aQPCc94CsnRKrzT1JIKvN3nsHm52AoFH8phyCW3uLJyDcAq5JYb29wb9AcAvPxx%2FQ62jHxaReedBOMKwqJJQ49Az0bzDcPxQnHtbSq%2B430iQh1W6wucT2Or%2Be1c%2BKnmA62LuDPW4tTxezHNdR3Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76c32c509ab7b99a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
702 B 78ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.koreanslate.com&callback=_gfp_s_&client=ca-pub-9068174635110102&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9068174635110102&plah=www.koreanslate.com&bust=31070969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ddd9eee2a1408c76357c093687c21ef4c3a12477e6d6809e86ae3ce6890ddb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 92ms
29ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.koreanslate.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.koreanslate.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE96 29 KB
11 KB 439ms
391ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62ad880d629c53986b8462deb5839d7208d1223c69b60704df0a238a20e0d04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11239
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:39:36 GMT
expires: Fri, 18 Nov 2022 19:39:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 045D 253 KB
65 KB 843ms
810ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&adk=1812271804&adf=3025194257&lmt=1668800376&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376307&bpp=2&bdt=899&idt=139&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=278x600&nras=1&correlator=6566637968570&frm=20&pv=1&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=148

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8102a9a6a7e7ba012dc1e44197c4697c902881921b301373fe4bdff1edccaa62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 66094
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:39:37 GMT
expires: Fri, 18 Nov 2022 19:39:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 76c32c450ed0ca50 Show response
www.koreanslate.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0591 2 B
673 B 58ms
57ms XHR
text/plain 2606:4700:3033::6815:4067
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koreanslate.com/cdn-cgi/challenge-platform/h/g/cv/result/76c32c450ed0ca50
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668787200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4067 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Nov 2022 19:39:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hX0fBVF4VDyJ1wkmqHn0FCGMPKgGekHaH98uIlmPgdbAGBg8WifPD5iw8W7h3OetzSFXBbMQOnukGuQigEq%2BNRfPYaJzZg2gHfwUNh5vRzJ81P4AeJX4n9aLGSsg0UmFBqekPTklyTNDnzF3hx69bQ62"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 76c32c52ae99b99a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3D06 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWjUAeN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE4QFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJbn5Kqe42cqx36bpyM-1KXP9UlwRdKJN2f3lcQrpsysRwf0d3UTP6ABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkwNjgxNzQ2MzUxMTAxMDIYAA&sigh=4kz82o0GMQs&uach_m=[UACH]&cid=CAQSGwDq26N9Lm3fVdj_hClk3CDSxsiUdsm23y1wDRgBIBM&tpd=AGWhJmtAM4IVb3gGTju_-PzZyQfALtIOJ_ahMJB4RYftHiLQYgNQNq0ejKAo_eRXVqzZ1VNfg-da8K3kaXyBtlxkQXK07BfpYr7jmLvuARZaN9mUkNsGZJ1-FdhHUaKF5id4TrJgBkRuk4pPa4n8-eeH6sJWiRZ5b_tePdywGNM8xH7Rbs8tjjzIqGXysmfNkWcnwqTCpL3j9j0mob3J_LrW5FOMD8cNL8NyeNFTPPp-BVXxEYnLi8-X9gGK32vi1ffbzYBgIuYtZOuCBmyFN_vGZTHX8beCO-YYAObLOVFQENem49nsuSHd2g3cLWYoQx5xePjL5EiQeH73CErNVoYXH5t-0sWfOv-eBYZxYHd9Nn4927kO9Vg2PLbfabokKf7m2tp-uBL4zGwl_1Gdu-kXoWfTYUzPr-bauIs1uBT9OqHUvOGrpuvaKaIIfY0E9fs19bc_V2Dg90ro2Luhww6LDqQDGQu-UlndcmOAJiDHcHkdAWHc21zaJU6kKUmJLOqnldCxKuK7iHosBkI2KGNhljdDfGfKhqkbVhyYRcBrHqxrmL6q_K-ADYsvljlsf8kHsLivWDwQ_NHVceHw4Ymacyc-A4CL6GTzNE7NBxJ1FKKjkGkEw2bsILW_Gv1hk2g2f5yMtuPZ_mHFHKNb8eev2p54OkNCfUBy39u4ID8N8XGu3e5CvC2sBzU1XwGp_aYWOpmQG6gRISL_K-LHnhkIUDNG9-8bjocDpvr_DA1CK6aIXnTfr2vvc5I1GZarfO9N3KFPOCla9i4x2QMFP5va9QYIupv_rx4W9mkcic4OoQDefpYQI1Z6lppP6UHu7BmJoYBKHBNj44VdeTzO8M7k6Y1ZEA6WWuhhAKYwaZb4M3waHEnLkzZYgxy-xwd9QxdZMb1US8iD93SdKJCF_hXTNP5SHcpZzDVKRQIBLZ23if9fmre4b9vjY0Yifq23ZeZqhzrhYI__b4YhyfQfO_9I5Zy4Op7o7358waIDmOcXkNoO3xqj5LJ_MsgcfTzd28giUE6izH96s6uDyUMfhl_LgW1InkrfzM7ZkHHXNhHA7L5eIF1KMQ_JqUiTozOhIMIoQaorgLLQdGb9aA1AYbPa4qRcotZf13NLh6fJdUkiAjS6dHL6uWmhug

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 18 Nov 2022 19:39:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3D06 3 KB
2 KB 111ms
49ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpGbFltVXhZVEF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNTE3MzE2NTE3MTc2MjEzNzQvNjYyMjMyNC80NTYyMzA2LzQvaFUtMGdHckFiakVwM0R6YU1CU0tRRUJQRjR6SmYtbzdTOWRYbC1tbm1uWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDUxNzMxNjUxNzE3NjIxMzc0L3pyaC8wLzE4My84Ni85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY2ODgwMDM3Ni8xNjY4ODEyOTc2LzQvcHViLTkwNjgxNzQ2MzUxMTAxMDIv/2y4pVnIZXLE17XsXN-PtqxY5U68&nodeid=3759&group=zrh&auctionid=4051731651717621374&pbs_auctionid=4051731651717621374&shardkey=4051731651717621374&sid=4562306&cid=6622324&bp=a_afdfcg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%26client%3Dca-pub-9068174635110102%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.371.0 /
Resource Hash: ca2bb25697c90b5338c703064306e1b7f2b34c5f8bc36a127a08af20cbfd382b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1668800376
Last-Modified: Fri, 18 Nov 2022 19:39:36 GMT
Server: MMBD/3.371.0
x-mm-latency: 22 (1)
Content-Type: application/x-javascript; charset=UTF-8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x103, zrh-bidder-x145
Connection: close
x-mm-lag: 1
Expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3D06 3 KB
1 KB 85ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 18:01:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3D06 18 KB
8 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:35:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D06 154 KB
48 KB 84ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H/1.1 200
OK k2vt83281pvm Show response
hal9000.redintelligence.net/zone/ Frame 3D06 10 KB
3 KB 85ms
25ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=4051731651717621374&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_QGhiqKT0E7gAydf_Ty7yA%26exch_seat%3D20035004448%26mt_aid%3D4051731651717621374%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_cid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%2526client%253Dca-pub-9068174635110102%2526adurl%253D%26redirect%3D
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d8fb2c0c7f49f0cf7c3ad2c61671f7d8a0d5df789a613d65f5ee0f018ee6738a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3360
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3D06 49 B
330 B 100ms
45ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=4051731651717621374&node_id=3759&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpGbFltVXhZVEF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNTE3MzE2NTE3MTc2MjEzNzQvNjYyMjMyNC80NTYyMzA2LzQvaFUtMGdHckFiakVwM0R6YU1CU0tRRUJQRjR6SmYtbzdTOWRYbC1tbm1uWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDUxNzMxNjUxNzE3NjIxMzc0L3pyaC8wLzE4My84Ni85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY2ODgwMDM3Ni8xNjY4ODEyOTc2LzQvcHViLTkwNjgxNzQ2MzUxMTAxMDIv/2y4pVnIZXLE17XsXN-PtqxY5U68&nodeid=3759&group=zrh&auctionid=4051731651717621374&pbs_auctionid=4051731651717621374&shardkey=4051731651717621374&sid=4562306&cid=6622324&bp=a_afdfcg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%26client%3Dca-pub-9068174635110102%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.371.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Server: MMBD/3.371.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x26, zrh-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 3D06 7 KB
3 KB 217ms
47ms Script
text/javascript 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.koreanslate.com/korean-onion-on-sale.html&ui=31ebe1a0-0000-0000-0000-000000000000&ap=&ti=4051731651717621374&pv=a564814d-d627-448c-923d-bf2c9940daa7&pp=pub-9068174635110102&sr=4&de=43003&si=1263127080&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpGbFltVXhZVEF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNTE3MzE2NTE3MTc2MjEzNzQvNjYyMjMyNC80NTYyMzA2LzQvaFUtMGdHckFiakVwM0R6YU1CU0tRRUJQRjR6SmYtbzdTOWRYbC1tbm1uWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDUxNzMxNjUxNzE3NjIxMzc0L3pyaC8wLzE4My84Ni85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY2ODgwMDM3Ni8xNjY4ODEyOTc2LzQvcHViLTkwNjgxNzQ2MzUxMTAxMDIv/2y4pVnIZXLE17XsXN-PtqxY5U68&nodeid=3759&group=zrh&auctionid=4051731651717621374&pbs_auctionid=4051731651717621374&shardkey=4051731651717621374&sid=4562306&cid=6622324&bp=a_afdfcg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%26client%3Dca-pub-9068174635110102%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-208-193.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4793f8b564fd377d8fd22ffb907f1a155f4702fce662162134ea5bd7b4a17fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 19:39:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 3003
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3D06 43 B
403 B 260ms
199ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4051731651717621374&v3=651871&v4=4562306&v5=6622324&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpGbFltVXhZVEF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNTE3MzE2NTE3MTc2MjEzNzQvNjYyMjMyNC80NTYyMzA2LzQvaFUtMGdHckFiakVwM0R6YU1CU0tRRUJQRjR6SmYtbzdTOWRYbC1tbm1uWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDUxNzMxNjUxNzE3NjIxMzc0L3pyaC8wLzE4My84Ni85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY2ODgwMDM3Ni8xNjY4ODEyOTc2LzQvcHViLTkwNjgxNzQ2MzUxMTAxMDIv/2y4pVnIZXLE17XsXN-PtqxY5U68&nodeid=3759&group=zrh&auctionid=4051731651717621374&pbs_auctionid=4051731651717621374&shardkey=4051731651717621374&sid=4562306&cid=6622324&bp=a_afdfcg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%26client%3Dca-pub-9068174635110102%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 169 32252b7 master hkg-pixel-x5 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Server: MT3 169 32252b7 master hkg-pixel-x5 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3D06 49 B
331 B 105ms
49ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4051731651717621374&st=4562306&time=1668800377&nodeid=3759
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpGbFltVXhZVEF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNTE3MzE2NTE3MTc2MjEzNzQvNjYyMjMyNC80NTYyMzA2LzQvaFUtMGdHckFiakVwM0R6YU1CU0tRRUJQRjR6SmYtbzdTOWRYbC1tbm1uWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDUxNzMxNjUxNzE3NjIxMzc0L3pyaC8wLzE4My84Ni85OTkvMzIyLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY2ODgwMDM3Ni8xNjY4ODEyOTc2LzQvcHViLTkwNjgxNzQ2MzUxMTAxMDIv/2y4pVnIZXLE17XsXN-PtqxY5U68&nodeid=3759&group=zrh&auctionid=4051731651717621374&pbs_auctionid=4051731651717621374&shardkey=4051731651717621374&sid=4562306&cid=6622324&bp=a_afdfcg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%26client%3Dca-pub-9068174635110102%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.371.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Server: MMBD/3.371.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x103, zrh-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 18 Nov 2022 19:39:36 GMT

GET
H/1.1 200
OK request.php Show response
hal900013.redintelligence.net/ Frame 3D06 3 KB
2 KB 152ms
91ms Script
application/x-javascript 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=d04041da7b&subid=&uid=187e9569a6d40a3c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_QGhiqKT0E7gAydf_Ty7yA%26exch_seat%3D20035004448%26mt_aid%3D4051731651717621374%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_cid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%2526client%253Dca-pub-9068174635110102%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9068174635110102%26output%3Dhtml%26h%3D600%26slotname%3D8758733229%26adk%3D3043588844%26adf%3D3057092670%26pi%3Dt.ma~as.8758733229%26w%3D278%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1668800376%26rafmt%3D1%26format%3D278x600%26url%3Dhttps%253A%252F%252Fwww.koreanslate.com%252Fkorean-onion-on-sale.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1668800376250%26bpp%3D18%26bdt%3D843%26idt%3D167%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6566637968570%26frm%3D20%26pv%3D2%26ga_vid%3D8172433.1668800376%26ga_sid%3D1668800376%26ga_hid%3D2075203925%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1102%26ady%3D160%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531706%252C44760911%252C31070969%252C44770880%252C31065824%26oid%3D2%26pvsid%3D2848436422311929%26tmod%3D1017884757%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3D5VJKMqWsac%26p%3Dhttps%253A%2F%2Fwww.koreanslate.com%26dtd%3D189&ancestorOrigins=null&random=633609202318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=4051731651717621374&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_QGhiqKT0E7gAydf_Ty7yA%26exch_seat%3D20035004448%26mt_aid%3D4051731651717621374%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_cid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%2526client%253Dca-pub-9068174635110102%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 44b63946f8c7d62365278206692756ae853169c8bf699e67fc143d22bf1a1c54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 19:39:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 56895600119106500951395012147013
Connection: close
Content-Length: 1094
Expires: Fri, 18 Nov 2022 19:39:37 +0100

GET
H2 200 / Show response
adv.office-partner.de/ Frame A46E 930 B
931 B 97ms
26ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=d04041da7b&subid=&uid=187e9569a6d40a3c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_QGhiqKT0E7gAydf_Ty7yA%26exch_seat%3D20035004448%26mt_aid%3D4051731651717621374%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_cid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%2526client%253Dca-pub-9068174635110102%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9068174635110102%26output%3Dhtml%26h%3D600%26slotname%3D8758733229%26adk%3D3043588844%26adf%3D3057092670%26pi%3Dt.ma~as.8758733229%26w%3D278%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1668800376%26rafmt%3D1%26format%3D278x600%26url%3Dhttps%253A%252F%252Fwww.koreanslate.com%252Fkorean-onion-on-sale.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1668800376250%26bpp%3D18%26bdt%3D843%26idt%3D167%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6566637968570%26frm%3D20%26pv%3D2%26ga_vid%3D8172433.1668800376%26ga_sid%3D1668800376%26ga_hid%3D2075203925%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1102%26ady%3D160%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531706%252C44760911%252C31070969%252C44770880%252C31065824%26oid%3D2%26pvsid%3D2848436422311929%26tmod%3D1017884757%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3D5VJKMqWsac%26p%3Dhttps%253A%2F%2Fwww.koreanslate.com%26dtd%3D189&ancestorOrigins=null&random=633609202318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 18 Nov 2022 19:39:37 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 25 Nov 2022 19:39:37 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 18D1
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=56895600119106500951395012147013&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56895600119106500951395012147013&actionid=981741&produktid=&dt_url=

0
607 B

104ms
43ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56895600119106500951395012147013&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=d04041da7b&subid=&uid=187e9569a6d40a3c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_QGhiqKT0E7gAydf_Ty7yA%26exch_seat%3D20035004448%26mt_aid%3D4051731651717621374%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_cid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%2526client%253Dca-pub-9068174635110102%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9068174635110102%26output%3Dhtml%26h%3D600%26slotname%3D8758733229%26adk%3D3043588844%26adf%3D3057092670%26pi%3Dt.ma~as.8758733229%26w%3D278%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1668800376%26rafmt%3D1%26format%3D278x600%26url%3Dhttps%253A%252F%252Fwww.koreanslate.com%252Fkorean-onion-on-sale.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1668800376250%26bpp%3D18%26bdt%3D843%26idt%3D167%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6566637968570%26frm%3D20%26pv%3D2%26ga_vid%3D8172433.1668800376%26ga_sid%3D1668800376%26ga_hid%3D2075203925%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1102%26ady%3D160%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531706%252C44760911%252C31070969%252C44770880%252C31065824%26oid%3D2%26pvsid%3D2848436422311929%26tmod%3D1017884757%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3D5VJKMqWsac%26p%3Dhttps%253A%2F%2Fwww.koreanslate.com%26dtd%3D189&ancestorOrigins=null&random=633609202318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 18 Nov 2022 19:39:37 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 18 Nov 2022 08:39:37 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Fri, 18 Nov 2022 19:39:37 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56895600119106500951395012147013&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 5413AFB7:BBF2_91EFC182:01BB_6377DF79_A8D4FCE:27195

GET
H2

200

htlp Show response
futalis.de/ Frame 5858
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=56895600119106500951395012147013&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1742856275

350 B
409 B

79ms
23ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1742856275
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=d04041da7b&subid=&uid=187e9569a6d40a3c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_QGhiqKT0E7gAydf_Ty7yA%26exch_seat%3D20035004448%26mt_aid%3D4051731651717621374%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_cid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%2526client%253Dca-pub-9068174635110102%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9068174635110102%26output%3Dhtml%26h%3D600%26slotname%3D8758733229%26adk%3D3043588844%26adf%3D3057092670%26pi%3Dt.ma~as.8758733229%26w%3D278%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1668800376%26rafmt%3D1%26format%3D278x600%26url%3Dhttps%253A%252F%252Fwww.koreanslate.com%252Fkorean-onion-on-sale.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1668800376250%26bpp%3D18%26bdt%3D843%26idt%3D167%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6566637968570%26frm%3D20%26pv%3D2%26ga_vid%3D8172433.1668800376%26ga_sid%3D1668800376%26ga_hid%3D2075203925%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1102%26ady%3D160%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531706%252C44760911%252C31070969%252C44770880%252C31065824%26oid%3D2%26pvsid%3D2848436422311929%26tmod%3D1017884757%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3D5VJKMqWsac%26p%3Dhttps%253A%2F%2Fwww.koreanslate.com%26dtd%3D189&ancestorOrigins=null&random=633609202318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 19:39:37 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1742856275
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3D06 2 KB
2 KB 172ms
82ms Script
text/html 18.133.151.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=56895600119106500951395012147013&nw=1
Requested by: Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 23ce9f7e41ba78b31aa06cbb2a97d5d3744cf7ce5b2d4165bf11810266977fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
last-modified: Fri, 18 Nov 2022 19:39:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 18 Nov 2022 19:40:37 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame E9E2 7 KB
2 KB 76ms
26ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=d04041da7b&subid=&uid=187e9569a6d40a3c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_QGhiqKT0E7gAydf_Ty7yA%26exch_seat%3D20035004448%26mt_aid%3D4051731651717621374%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_cid%3D0b396377-df79-4d01-852f-cc6e82661d46%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp6x6eN93Y-e6H8HLzQamsrfYAc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItOTA2ODE3NDYzNTExMDEwMsgBCagDAaoE5AFP0BdWvZ59MqxPh0xN9N6RwEGbxHulxj6lKY8wIFiSacqAbpcf15YZYqC-aDdtUynFpj7scjiC--jshdlnIGTt5Kxo_twD7PbhipTkJbbxKYbZjDKNGP9yO8MnWfZJf9sa1yJkvYL6vxdfbGCi9lsGX7DGucz17M41qRLJ93992IXZcvrAqHeKEpCuOFFsCGBUl4eZ-y-umKaaOuPDJEZCEUdYmDqXO6FRR_HVcP5g2h8FRSUVHhbGfrJb3ZCL6SEgDxp3ytQnIxI4z8gxy6tACsV-Y5dQAWGTrzAHf0RoS3OiMsmABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MB4NbFVDJ8cRt9Oq69qApYWSuUQ%2526client%253Dca-pub-9068174635110102%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9068174635110102%26output%3Dhtml%26h%3D600%26slotname%3D8758733229%26adk%3D3043588844%26adf%3D3057092670%26pi%3Dt.ma~as.8758733229%26w%3D278%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1668800376%26rafmt%3D1%26format%3D278x600%26url%3Dhttps%253A%252F%252Fwww.koreanslate.com%252Fkorean-onion-on-sale.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1668800376250%26bpp%3D18%26bdt%3D843%26idt%3D167%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6566637968570%26frm%3D20%26pv%3D2%26ga_vid%3D8172433.1668800376%26ga_sid%3D1668800376%26ga_hid%3D2075203925%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1102%26ady%3D160%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531706%252C44760911%252C31070969%252C44770880%252C31065824%26oid%3D2%26pvsid%3D2848436422311929%26tmod%3D1017884757%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3D5VJKMqWsac%26p%3Dhttps%253A%2F%2Fwww.koreanslate.com%26dtd%3D189&ancestorOrigins=null&random=633609202318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: b2218789b4316d83aade4a83ce81f11ae974b42d5d2c219d795645fbd5e92291

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2044
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Nov 2022 19:39:37 GMT
Expires: Fri, 18 Nov 2022 19:39:37 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 3D06
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56895600119106500951395012147013
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56895600119106500951395012147013
https://ad-server.eu/wm/pb/native.png

68 B
312 B

233ms
45ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:43:08 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB7:BBF2_91EFC182:01BB_6377DF79_A8D4FE0:27195
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
DATA 200
OK truncated
/ Frame 3D06 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd736b17d189b0f3b0b1c87a5ec9c869cef55b6a56a655f028e3500f19d80ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 181ms
44ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?oz_pl=1&de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.koreanslate.com/korean-onion-on-sale.html&ui=31ebe1a0-0000-0000-0000-000000000000&ap=&ti=4051731651717621374&pv=a564814d-d627-448c-923d-bf2c9940daa7&pp=pub-9068174635110102&sr=4&de=43003&si=1263127080&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:36 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.82.0/ Frame 3D06 169 KB
53 KB 44ms
44ms Script
text/javascript 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.82.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.koreanslate.com/korean-onion-on-sale.html&ui=31ebe1a0-0000-0000-0000-000000000000&ap=&ti=4051731651717621374&pv=a564814d-d627-448c-923d-bf2c9940daa7&pp=pub-9068174635110102&sr=4&de=43003&si=1263127080&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-208-193.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d2cb6c4ce0b2ef4fb404019c0792255259d1b723c01cda789e5412da48fe1541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54050
Expires: Mon, 27 Jul 2054 17:29:06 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 150 KB
51 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/reactive_library_fy2021.js?bust=31070969

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c2c8925b35d89d401927385bee137ed55a857efa7cf34a08bff0be52389953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52280
x-xss-protection: 0
server: cafe
etag: 317685032499736782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-9068174635110102&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 81ms
34ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.koreanslate.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 72ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.koreanslate.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9DB 430 B
227 B 565ms
565ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=60&adk=2255544255&adf=2345549554&pi=t.aa~a.1240332057~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1668800377&rafmt=1&to=qs&pwprc=8288677238&format=1200x60&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800377403&bpp=2&bdt=1995&idt=2&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df55f6c837d979a01-22c1a31740cf00d0%3AT%3D1668800376%3ART%3D1668800376%3AS%3DALNI_MZJ11mxetuaaz--2827SlH3WAwirg&gpic=UID%3D00000b83e792c6ae%3AT%3D1668800376%3ART%3D1668800376%3AS%3DALNI_MbLiRXj-PK-WhPdKwXadiV1QjdFYw&prev_fmts=278x600%2C0x0&nras=2&correlator=6566637968570&frm=20&pv=1&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8RcA3Fumz&p=https%3A//www.koreanslate.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58aeac3de3fdad5777efbbaf8551c10b07ff7ff341b932ca8ee3a35163e9a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:39:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-9068174635110102&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20221114_073454&sat=1668570556112&afm=0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.261&alldns=0.287&allp=12&fd=(0%2C10%2C4)%2C(2%2C0%2C0)&pgh=2296&abl=false&rr=n&su=www.koreanslate.com&pvc=2848436422311929&r=0.1&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E9E2 4 KB
1 KB 84ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 19:02:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E9E2 25 KB
25 KB 85ms
28ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 9f39839db748707203e9e138f142f6756025b533a423f1119dde31ba21b73458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25849
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E9E2 27 KB
27 KB 78ms
27ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: fc88d5b69d29e62ed289b80e4eb70a67a0540f95d221e9b497f06ce6c85676ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27151
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E9E2 20 KB
20 KB 196ms
140ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1c158ddf3ddd7a98e08ae57037b93e74d1a0480a2daa0e745e24f049c8e832b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 20616
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A46E 102 KB
40 KB 82ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f772174aa311b4e3debbd1da55c138be49eedf83baf38932a7c9dc535474f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40311
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
55ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-9068174635110102&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame B2F0 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 20:29:58 GMT
etag: 10353107486223812946
expires: Thu, 01 Dec 2022 20:29:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame C50F 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 20:29:58 GMT
etag: 10353107486223812946
expires: Thu, 01 Dec 2022 20:29:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 5858 5 KB
5 KB 23ms
23ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1742856275
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H3 200 css2
fonts.googleapis.com/ Frame B2F0 4 KB
636 B 72ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 18:55:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2F0 205 B
742 B 68ms
20ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 17:18:52 GMT
x-content-type-options: nosniff
age: 8445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Nov 2023 17:18:52 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2F0 604 B
694 B 69ms
21ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:29:29 GMT
x-content-type-options: nosniff
age: 608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Nov 2023 19:29:29 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame B2F0 19 KB
8 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 16:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 16:39:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C50F 4 KB
621 B 66ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 18:57:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C50F 2 KB
765 B 70ms
32ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:35:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C50F 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpQnPeN93Y67CJ4Lc9QWgsI7ABY-D0MBtqOaizqQQpOfy7ZUCEAEgvabID2CVAqABt5iBoijIAQmpAlF_EXi6Wno-qAMByAPLBKoE8QFP0F9K_0cziXlDtoqqK4yDflu4yyKX9fUeTwdzph0CMqCTaP11nhpn0wzxgRA4YQcVRpCOCIfS7MQlpimJxafIOOyw_09rt3_bxE-TJf6AhuMUh10MriL2LWgaW-v9bdiwCyu6FAShOVKBwKJtkaEzLbBItW4H16aW2ee1t3Pqwo1ngT1DKOcaTANNYEyB0FtIdgQlWCim5T83gWhumWmMbPklZdrouL6kjyGLo8y4fm7QCTdLQexHv67bUgh8sYpB0pCCk59dD206J6RrgNazQkoTITwloJaTQ9ovUDFheLoIv43-2j4VG5xg3wPbSoVqwAT_3MK6jQSSBQQIBBgBkgUECAUYBKAGLoAH_dimrQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCkuQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItOTA2ODE3NDYzNTExMDEwMhgA&sigh=u0QZtq6ImyU&uach_m=[UACH]&cid=CAQSGwDq26N95TrHXSbU7FN3_IJ2u14ogONseiajDBgBIBM&template_id=484

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 18 Nov 2022 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C50F 23 KB
9 KB 60ms
25ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:35:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C50F 3 KB
1 KB 68ms
34ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 18:01:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C50F 18 KB
7 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:35:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C50F 154 KB
47 KB 105ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame C50F 34 KB
14 KB 55ms
21ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 15:35:45 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/5138588182162159514/ Frame C50F 18 KB
18 KB 70ms
38ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5138588182162159514/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562f74c4e4bd834b29a1dbf64acd3a997a4abf00abafb527429624d5634b27da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:57:13 GMT
x-content-type-options: nosniff
age: 502944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18135
x-xss-protection: 0
last-modified: Tue, 17 May 2022 09:11:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Nov 2023 23:57:13 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16686424173151737254/ Frame C50F 7 KB
7 KB 66ms
34ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16686424173151737254/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a62e7601e4887261354e7ed4b6c430d021686065beb0e367e421329ec96c6043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 19:11:13 GMT
x-content-type-options: nosniff
age: 260904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7210
x-xss-protection: 0
last-modified: Wed, 18 May 2022 13:33:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Nov 2023 19:11:13 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 44ms
43ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?oz_pl=1&de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.koreanslate.com/korean-onion-on-sale.html&ui=31ebe1a0-0000-0000-0000-000000000000&ap=&ti=4051731651717621374&pv=a564814d-d627-448c-923d-bf2c9940daa7&pp=pub-9068174635110102&sr=4&de=43003&si=1263127080&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2001:1b60:1010::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:36 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3D06 85 KB
31 KB 87ms
24ms Script
application/javascript 65.9.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=56895600119106500951395012147013&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:52:38 GMT
content-encoding: gzip
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2820
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: SiflAkzqHmUB1GjsA-N5yHTIEkYj1eXHPNvB-FAHbxwcKB1WQ3Ky9w==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 3D06 85 B
420 B 77ms
21ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1668800677&Signature=QoexosNPN22PQuSk2zUXRxqoAj-ynb25KoICI1lhrNv6I6LttXX6YwvVSRN3yMl5md5Jgx6Ew1m6HyaLa2FUdAKEUNHdaIxn-OUNFneKVlOtfbGksyD-QZ7J-00g4-Zc3ZICJWoVXC3SuoRUPGVfaqGXvZIH2NxeZOkxsCukpGZS2dPqInl5e~H2dD38cTm6aJrOpL9rW2pVuhVc1Y8-9WDHllr6d6JdWAejVUkcAaWS6KY8yB7ffqC-olMBZceD6IutJqVLOgob7t2X1ARJepVFmECIb4CgOZ4ok2Q0SxENLxXuOfBNcdgrwpEIkAeCBva4hjNlbvxUeJg9uuz0cQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 07:07:14 GMT
x-amz-version-id: null
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 45144
etag: "70af33d70b6810475aae19743c8c435b"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: _30w37CVxA_f8de6L8WWvFWqvT8Cftv4Ek_Rt63MzBVFYugDOdEEGw==

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame E9E2 0
150 B 73ms
25ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=56895600119106500951395012147013&a=a7af37e0&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:37 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 61ms
43ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800377617&oz_l=2243&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:36 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame E9E2 13 KB
13 KB 70ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900013.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 173685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:24:52 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame E9E2 13 KB
13 KB 68ms
22ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900013.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:30:55 GMT
x-content-type-options: nosniff
age: 540522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:30:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4A1E 8 KB
895 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 18:53:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4A1E 2 KB
765 B 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:35:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 4A1E 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:35:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4A1E 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 18:01:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4A1E 18 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:35:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A1E 154 KB
47 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 19:39:37 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 4A1E 34 KB
14 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 15:35:45 GMT

GET
DATA 200
OK truncated
/ Frame C50F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e73fe1843a1120573c9768cec9b84720b262ca63cc5461c8d93be24fe87e76b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame DD98 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
BLOB 200
OK 9013f4f6-c248-4458-95c8-1d8505f39a1a
https://googleads.g.doubleclick.net/ Frame 293C 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/9013f4f6-c248-4458-95c8-1d8505f39a1a
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068174635110102&output=html&h=600&slotname=8758733229&adk=3043588844&adf=3057092670&pi=t.ma~as.8758733229&w=278&fwrn=4&fwrnh=100&lmt=1668800376&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668800376250&bpp=18&bdt=843&idt=167&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=6566637968570&frm=20&pv=2&ga_vid=8172433.1668800376&ga_sid=1668800376&ga_hid=2075203925&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070969%2C44770880%2C31065824&oid=2&pvsid=2848436422311929&tmod=1017884757&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5VJKMqWsac&p=https%3A//www.koreanslate.com&dtd=189
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F782 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 44ms
44ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800377816&oz_l=6489&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:37 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F782
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
36ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:39:38 GMT
expires: Fri, 18 Nov 2022 19:39:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:39:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D9A 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: www.koreanslate.com
URL: https://www.koreanslate.com/korean-onion-on-sale.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 113ms
69ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5fd200d80488930cdbf440cf9b8f173e15fbcfdd10ece35ee5fce47bf8ac38b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11152
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 44ms
44ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800378033&oz_l=271&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:37 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 19:39:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8DB 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:04:35 GMT
expires: Sat, 18 Nov 2023 19:04:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0E25 783 B
536 B 75ms
31ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a308d98ebfe7d0a8cdc5071ce931f4bb403fb5665268d66511e3a54501c38e39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5ot3sxWXI1GJr27M7W4Rug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.koreanslate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-5ot3sxWXI1GJr27M7W4Rug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 19:39:38 GMT
expires: Fri, 18 Nov 2022 19:39:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 44ms
44ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800378236&oz_l=6368&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:37 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame A8DB 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D06 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRaOxsu-rk4bc25vDBkK2GJb-g3C44XIf-9DvrIixSziHrWqXjJhSK8v22Fv-j74EiiB-wpzsrTjrs1nfEBJxRfy5i&sig=Cg0ArKJSzMVclOukrUiHEAE&id=lidar2&mcvt=1056&p=0,0,600,160&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3043588844&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668800376934&rpt=427&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 19:39:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 44ms
43ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800378404&oz_l=178&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:37 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E25 0
0 55ms
54ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2848436422311929&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3D06 16 B
232 B 84ms
84ms Fetch
application/json 18.133.102.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.102.8 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-102-8.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Nov 2022 19:39:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 116ms
34ms Preflight 18.133.102.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.102.8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-102-8.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 18 Nov 2022 19:39:38 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A8DB 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SEuGXg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 19:39:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 44ms
43ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800378594&oz_l=234&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:37 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 92656be1-cba9-47e1-ab11-2cf8c69867bf
https://googleads.g.doubleclick.net/ Frame 3D06 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/92656be1-cba9-47e1-ab11-2cf8c69867bf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37960dfb0a74afa247b54cb6a48281a632d77569d896e4d5966c98b0ca166b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 802

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame E9E2 0
150 B 72ms
24ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=56895600119106500951395012147013&a=a7af37e0&vb=v
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=56895600119106500951395012147013&a=6d6f72dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 19:39:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 44ms
43ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800378750&oz_l=691&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:37 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C50F 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvufVe9zCtYRCSxkrZF2C3E2RYvzt4qS6ub-u-OrdmxQsHyVMcwh3uI_oXpkC_4blQcyMf6hfoHPRhoEAKK8dKDvNNUVNvg6QRRe_NSE5s1n8rSi_hWjpkkjm3xJnXDDqPE6nlmfg&sai=AMfl-YRFDdanYuFRP4o-uZDMrWRtb3YJtQyPaneGHUopo5LpUFaWHzW4Vph3V9OGLJNFi8jzgKd-9rqDzXeSmDk&sig=Cg0ArKJSzE4sCPVschh1EAE&cid=CAQSGwDq26N95TrHXSbU7FN3_IJ2u14ogONseiajDBgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=130,812,1000,1138,1138&tos=130,682,188,138,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668800377474&rpt=285&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 19:39:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/ Frame 3D06 0
145 B 45ms
44ms XHR
text/plain 18.203.208.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.82.0/619621/AaSmH18EEelZganw/postback?de=43003&dm=160x600&ai=216536&r1=2001%3A1b60%3A1010%3A%3A&r2=&ci=619621&ap=&sr=4&pp=pub-9068174635110102&ti=4051731651717621374&si=1263127080&cr=6622324&pd=avt&ui=31ebe1a0-0000-0000-0000-000000000000&pv=a564814d-d627-448c-923d-bf2c9940daa7&ac=651871&c1=4562306&r3=&dt=6196211556140246740000&di=https%3A%2F%2Fwww.koreanslate.com%2Fkorean-onion-on-sale.html&sid=AaSmH18EEelZganw&oz_sc=834288296c5f07f90d763811&oz_df=1668800379003&oz_l=11294&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.82.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Nov 2022 19:39:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2848436422311929&bg=!IyClIGTNAAbvMpMzzzI7ACkAdvg8WkAYQbJ-8_cDdHFb66SqJUttuie2fhN7K9KNNJi3higPyNfFVAIAAAFYUgAAABJoAQeZArgpsLLOH1Dv1E3nUhgVfnQArYwE_sHXmj354OmB2RAmfs4UoA5XrlgDxupFxjd4WkgiNFTBN1XPB77KO35rcAC2xKQHiPFaiVuUpze7DSsK-ZQd-vzrmAUl_ozsYF-wjxgCkeForHPqfza2v1HHyLnGSH_MDd_oBViBHsiAXgrn5XILGLrKxDQqfs-YDTTyqKC6qwsNpoFzmFS01ZmL7PCMte0hrWMXi_zkq-HKePNYhwYx70t5oJaDUrwvpWRFylYjvisjQyFnQTvkf0ah8l72PeL3vngnRvPvnoX7mvSMnIHkcadIf3o2K0qpHkawi4aymI3CPAXFzryqNa2gDm8Stjq-10O5-LeOMd1bcCvHJRvnDjfSZbK5K_MTUAISHOcuSyJ66kL0CoSsfsUdut00PBHdVUA2vZwN_FaSfTFTl9GXNlFTBprJTx8VoPE494DcQDIswoIBk92kq7OE785_AH05xSHEDep_E27rjQQ_SkAtTQ8mNHY3Gli-mSvmfY91boE-_Zwc5wg0DJjzUoc_gCR5NcW0y5bvrfCY09uwP017779kP8fJjiB-8Az8QdIN-IqTmlKYj0iEdQCtKHk_lCcFEtHM3Kefv0LEd5fGH-b28MDjL4Ng4cvjptR7gA5KTbCAHzsymeqeK7j9Sb8bsfee6vz6l24wSf0eYUqKmljgvJNfWtW63iPgU1-MZgdI8_LNvguLE7srugQh_KXD_z8HPCdj5-qXQ0KW8ZtLK0Y5Ich28tjlbeLJ-2nSky6_idiFKrOEAoF9rillm7s6flDwBsHJIZNikm5A4exY7mBD1iHQuoYgSMqUHvmxSjPaCobv73zJC6XeL-IfWpKWDf9EUNnPue7YdOyIroDN_zt9yxliGrpm0ugMoyygr7nQR_LxlhR-k4HGudht4P2oNNqLIcxyHdo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.koreanslate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.koreanslate.com/	1970-01-20 16:54:56	Name: __gads Value: ID=f55f6c837d979a01-22c1a31740cf00d0:T=1668800376:RT=1668800376:S=ALNI_MZJ11mxetuaaz--2827SlH3WAwirg
.koreanslate.com/	1970-01-20 16:54:56	Name: __gpi Value: UID=00000b83e792c6ae:T=1668800376:RT=1668800376:S=ALNI_MbLiRXj-PK-WhPdKwXadiV1QjdFYw
.koreanslate.com/	1970-01-20 07:33:22	Name: __cf_bm Value: OK3dAFwsMOu82U9zhs4D1JANmXleCMeZoQzpovycH.c-1668800376-0-AaRGS6XSNOP2xmQ7YBLCNY8lfMSWcxYF1KScpPMLE5S48Jiw8lHHfT2xpzyCTLqhkvJF8yPY/qDQF8tq8duBxrcJUhSpLlNWJqb53OFV2R6mClKNqGinfWGmNm1KHd1aEbrzzpyyMuoIG/k/U9LYFxM=
.doubleclick.net/	1970-01-20 16:54:56	Name: IDE Value: AHWqTUn2ZN-qPcmjC4ulD16m_ZgX5HYEHtmMZQs-Fw0_X0krK9MEgH949dp1BwEKS2w
.mathtag.com/	1970-01-20 16:18:56	Name: uuid Value: 0b396377-df79-4d01-852f-cc6e82661d46
.doubleclick.net/	1970-01-20 07:33:21	Name: test_cookie Value: CheckForPermission
.retailads.net/	1970-01-20 08:16:32	Name: ppb2172 Value: 1742856275
pb.media01.eu/	1970-01-20 17:09:20	Name: DTU Value: 6C644611AC203FA7E2794AF1022526CB
.futalis.de/	1970-01-20 08:59:44	Name: raSIDb Value: 1742856275
.office-partner.de/	1970-01-20 17:09:20	Name: source Value: {"webgains_webgains":{"timestamp":1668800377713,"clickCookie":false}}
.doubleclick.net/	1970-01-20 07:33:23	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://googleads.g.doubleclick.net/9013f4f6-c248-4458-95c8-1d8505f39a1a Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/9013f4f6-c248-4458-95c8-1d8505f39a1a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/9013f4f6-c248-4458-95c8-1d8505f39a1a Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/9013f4f6-c248-4458-95c8-1d8505f39a1a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-9068174635110102&fa=1&ifi=5&uci=a!5&btvi=2&xpc=AYoX12ddse&p=https%3A//www.koreanslate.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.retailads.net
cdn.track.production.webgains.team
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900013.redintelligence.net
i0.wp.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.mathtag.com
pixel.wp.com
pv.medialead.de
s.update.mediamathtag.com
stats.wp.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.koreanslate.com
116.202.48.214
144.76.238.55
145.239.193.130
167.233.14.134
18.133.102.8
18.133.151.109
18.203.208.193
185.29.134.249
192.0.76.3
192.0.77.2
2.18.233.201
2606:4700:3033::6815:4067
2a00:1450:4001:801::2001
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a01:4f8:d0a:2321::2
2a0b:4d07:102::1
54.76.176.197
65.9.66.11
88.198.250.30
94.23.99.218
99.86.4.53
0412558673e7e7f8538c79e0c3c474347bc47372e295d66653c61f575b3d2c25
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
14c2c8925b35d89d401927385bee137ed55a857efa7cf34a08bff0be52389953
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c158ddf3ddd7a98e08ae57037b93e74d1a0480a2daa0e745e24f049c8e832b1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
23ce9f7e41ba78b31aa06cbb2a97d5d3744cf7ce5b2d4165bf11810266977fc1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37960dfb0a74afa247b54cb6a48281a632d77569d896e4d5966c98b0ca166b1c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
44b63946f8c7d62365278206692756ae853169c8bf699e67fc143d22bf1a1c54
4525cd9ae95192b55584f18baef83bf3969bba9f8fa40caec36fbc4c3dacda92
4793f8b564fd377d8fd22ffb907f1a155f4702fce662162134ea5bd7b4a17fa0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc6dba4a19e244531824086be63c152c4c32a9bc614f7ab2b674bbb51e56536
516a278100fb179d1a12f89f989990d416b892e6113bdb3c61b8c24f5f9177c0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562f74c4e4bd834b29a1dbf64acd3a997a4abf00abafb527429624d5634b27da
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
5fc8f078df6ecfeacb97ef1c2cd104ddb6df0c258bbf7291de6d970f9863e574
60969324ccc7109275c72bd7304351267b140854fd6f4a736b25b0221350d8c0
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ad880d629c53986b8462deb5839d7208d1223c69b60704df0a238a20e0d04a
6e73fe1843a1120573c9768cec9b84720b262ca63cc5461c8d93be24fe87e76b
73d9f27912dab2728e2b953e7302c4f4ec6f9fbdb285758066300a1e18f50e19
77f3246b47368a48f88d39a5442e815131d2b699997d725262edf97223f870fe
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c70851603681fce3a9bdcdef3c6bab5be35889394b8e394a06f5a9b40f27e2a
8102a9a6a7e7ba012dc1e44197c4697c902881921b301373fe4bdff1edccaa62
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8d418d85440d919bdf6b5df1deb3c93c7c28e5cd82588dbe71d7dff82de321e2
8ddd9eee2a1408c76357c093687c21ef4c3a12477e6d6809e86ae3ce6890ddb2
8f772174aa311b4e3debbd1da55c138be49eedf83baf38932a7c9dc535474f67
90833670c6fb77530d94509b7e8e7c64dec8bf1259285d51778db4ddfb7c317e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f39839db748707203e9e138f142f6756025b533a423f1119dde31ba21b73458
a0a10e3f2356094515d7338bf8231930942e083eeda06bd556c205f16c947af9
a308d98ebfe7d0a8cdc5071ce931f4bb403fb5665268d66511e3a54501c38e39
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62e7601e4887261354e7ed4b6c430d021686065beb0e367e421329ec96c6043
a82aff100bacf5d26f08fca4854acfe693e0aecb8cbbbeb81c17dbe0e7fa3273
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
b1194ad91e9ab3317759527b185328e82aa8c9af982ccb75b2bc506ea42e47f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2218789b4316d83aade4a83ce81f11ae974b42d5d2c219d795645fbd5e92291
b2c67778bd3e6870eb667bd999f4498630c4e6a6df0c54f8e3e30c0355b815cc
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c208587573bb80a0f12f92c421d12ec1882aea3e240ee103809a4ce703d80509
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c6594b89e779911abdc83142c7e13906e1017b329ef70373d136c2f4d6264796
c6c8d37b178cfe8027f5c6c8224420d4b3f30bdd7bcda9212190aff6392f50a3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca2bb25697c90b5338c703064306e1b7f2b34c5f8bc36a127a08af20cbfd382b
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d2cb6c4ce0b2ef4fb404019c0792255259d1b723c01cda789e5412da48fe1541
d58aeac3de3fdad5777efbbaf8551c10b07ff7ff341b932ca8ee3a35163e9a1a
d8fb2c0c7f49f0cf7c3ad2c61671f7d8a0d5df789a613d65f5ee0f018ee6738a
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fd200d80488930cdbf440cf9b8f173e15fbcfdd10ece35ee5fce47bf8ac38b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb4f399b6c728c9f2bd4572caf839e9b76f2e8ac3c23ab82c8ce209d2eeac237
fc88d5b69d29e62ed289b80e4eb70a67a0540f95d221e9b497f06ce6c85676ee
fd736b17d189b0f3b0b1c87a5ec9c869cef55b6a56a655f028e3500f19d80ec2

www.koreanslate.com Open in urlscan Pro 2606:4700:3033::6815:4067 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

47 %IPv6

23 Domains

32 Subdomains

29 IPs

6 Countries

1692 kBTransfer

3760 kBSize

11 Cookies

0 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.koreanslate.com Open in urlscan Pro
2606:4700:3033::6815:4067 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

47 %
IPv6

23
Domains

32
Subdomains

29
IPs

6
Countries

1692 kB
Transfer

3760 kB
Size

11
Cookies

115 HTTP transactions
4 data transactions