urlscan.io logo urlscan.io
SecurityTrails logo

news.heraldcorp.com Open in urlscan Pro
182.173.183.2  Public Scan

Go To Rescan Add Verdict Report
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Submission: On November 01 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 5 countries across 33 domains to perform 486 HTTP transactions. The main IP is 182.173.183.2, located in Korea, Republic Of and belongs to HYOSUNGITX-AS-KR HyosungITX, KR. The main domain is news.heraldcorp.com.
This is the only time news.heraldcorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 182.173.183.2 38690 (HYOSUNGIT...)
37 182.173.183.74 38690 (HYOSUNGIT...)
1 2a04:4e42:400... 54113 (FASTLY)
1 3 2a00:1450:400... 15169 (GOOGLE)
15 58.225.75.78 9318 (SKB-AS SK...)
1 23.212.205.62 16625 (AKAMAI-AS)
2 110.93.143.86 38690 (HYOSUNGIT...)
13 220.117.190.132 4766 (KIXS-AS-K...)
1 2a03:2880:f08... 32934 (FACEBOOK)
4 119.63.193.220 38627 (BAIDUJP B...)
1 1 43.201.209.159 16509 (AMAZON-02)
3 3.36.37.118 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
9 119.63.198.143 38627 (BAIDUJP B...)
14 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
61 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
8 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
4 47 119.205.238.29 4766 (KIXS-AS-K...)
4 110.93.135.40 38690 (HYOSUNGIT...)
5 211.110.63.237 9318 (SKB-AS SK...)
11 39.127.249.22 23600 (GDNSKR-KR...)
23 221.165.139.2 4766 (KIXS-AS-K...)
1 210.89.167.46 23576 (NHN-AS-KR...)
5 114.31.34.229 38690 (HYOSUNGIT...)
2 1.224.180.63 45370 (BROADBAND...)
4 58.151.94.210 3786 (LGDACOM L...)
2 27.102.220.22 45996 (DAOU-AS-K...)
2 139.150.249.152 9286 (KINXIDC-A...)
2 125.141.213.35 4766 (KIXS-AS-K...)
16 101.235.211.26 9569 (HCNSEOCHO...)
2 211.110.12.12 9318 (SKB-AS SK...)
3 220.117.190.150 4766 (KIXS-AS-K...)
1 1.237.47.65 9318 (SKB-AS SK...)
1 211.226.25.220 4766 (KIXS-AS-K...)
1 114.108.158.198 3786 (LGDACOM L...)
1 119.63.198.174 38627 (BAIDUJP B...)
11 14.129.167.86 9286 (KINXIDC-A...)
18 211.62.59.142 4766 (KIXS-AS-K...)
36 2a02:2638:3::7 44788 (ASN-CRITE...)
18 54 2a02:2638:3::c 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.4.243.180 14618 (AMAZON-AES)
4 119.63.198.188 38627 (BAIDUJP B...)
1 119.63.197.136 38627 (BAIDUJP B...)
5 119.63.198.180 38627 (BAIDUJP B...)
1 27.102.220.23 45996 (DAOU-AS-K...)
1 43.202.160.93 16509 (AMAZON-02)
486 60
4    182.173.183.2 (Korea, Republic Of)

ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR)
news.heraldcorp.com
37    182.173.183.74 (Korea, Republic Of)

ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR)
res.heraldm.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    58.225.75.78 (Seocho-gu, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
img.mobon.net
1    23.212.205.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-205-62.deploy.static.akamaitechnologies.com
wcs.naver.net
2    110.93.143.86 (Korea, Republic Of)

ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR)
hlogger.heraldcorp.com
13    220.117.190.132 (Gangnam-gu, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
ad.adinc.kr
ad.reople.co.kr
1    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
1    43.201.209.159 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-201-209-159.ap-northeast-2.compute.amazonaws.com
adex.ednplus.com
3    3.36.37.118 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-37-118.ap-northeast-2.compute.amazonaws.com
adex.ednplus.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
9    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
14    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
b9ba91e996601e2110110b2194261de1.safeframe.googlesyndication.com
cc9c13dc7c21d7204d7470539cc4a9f4.safeframe.googlesyndication.com
b54ab24525f2d5e3cb264e24bad811c9.safeframe.googlesyndication.com
17    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
20    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
61    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
8    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
47    119.205.238.29 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
www.mediacategory.com
4    110.93.135.40 (Korea, Republic Of)

ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR)
adw.heraldm.com
acelogger.heraldcorp.com
5    211.110.63.237 (Seongnam-si, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
cdn.megadata.co.kr
img.adpnut.com
11    39.127.249.22 (Korea, Republic Of)

ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR)
ads.mncmedia.co.kr
23    221.165.139.2 (Osan, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
media.adpnut.com
ad.adinc.kr
engine.tend-table.com
1    210.89.167.46 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)
wcs.naver.com
5    114.31.34.229 (Korea, Republic Of)

ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR)
res.heraldm.com
2    1.224.180.63 (Yuseong-gu, Korea, Republic Of)

ASN45370 (BROADBANDIDC-AS-KR BROADBANDIDC, KR)
js.ad4989.co.kr
4    58.151.94.210 (Gwangmyeong, Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)
cdn14.ad4989.co.kr
2    27.102.220.22 (Korea, Republic Of)

ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR)
cdn1.ad4989.co.kr
2    139.150.249.152 (Korea, Republic Of)

ASN9286 (KINXIDC-AS-KR KINX, KR)
cdn2.ad4989.co.kr
2    125.141.213.35 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
cdn8.ad4989.co.kr
16    101.235.211.26 (Seoul, Korea, Republic Of)

ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR)
cdn3.ad4989.co.kr
js.ad4989.co.kr
2    211.110.12.12 (Mapo-gu, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
cdn7.ad4989.co.kr
3    220.117.190.150 (Gangnam-gu, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
cdn10.ad4989.co.kr
1    1.237.47.65 (Yongin-si, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
cdn11.ad4989.co.kr
1    211.226.25.220 (Yongin-si, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
cdn13.ad4989.co.kr
1    114.108.158.198 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)
l.newslab.co.kr
1    119.63.198.174 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
kr.popin.cc
11    14.129.167.86 (Korea, Republic Of)

ASN9286 (KINXIDC-AS-KR KINX, KR)
mncimg.jpg2.kr
18    211.62.59.142 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
dsp.mobwithad.com
36    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
54    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.4.243.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-243-180.compute-1.amazonaws.com
in.treasuredata.com
4    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
rlog.popin.cc
1    119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
inrecsys.popin.cc
5    119.63.198.180 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
imageaws.popin.cc
1    27.102.220.23 (Korea, Republic Of)

ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR)
cdn1.ad4989.co.kr
1    43.202.160.93 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-202-160-93.ap-northeast-2.compute.amazonaws.com
dspserver.adpnut.com
Apex Domain
Subdomains		 Transfer
93 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
191 KB
72 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
908 KB
47 mediacategory.com
www.mediacategory.com — Cisco Umbrella Rank: 106005
73 KB
44 heraldm.com
res.heraldm.com — Cisco Umbrella Rank: 279223
adw.heraldm.com — Cisco Umbrella Rank: 711417
8 MB
42 googlesyndication.com
d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
b9ba91e996601e2110110b2194261de1.safeframe.googlesyndication.com
cc9c13dc7c21d7204d7470539cc4a9f4.safeframe.googlesyndication.com
b54ab24525f2d5e3cb264e24bad811c9.safeframe.googlesyndication.com
219 KB
36 ad4989.co.kr
js.ad4989.co.kr — Cisco Umbrella Rank: 134188
cdn14.ad4989.co.kr — Cisco Umbrella Rank: 347069
cdn1.ad4989.co.kr — Cisco Umbrella Rank: 387240
cdn2.ad4989.co.kr — Cisco Umbrella Rank: 395147
cdn8.ad4989.co.kr — Cisco Umbrella Rank: 416524
cdn3.ad4989.co.kr — Cisco Umbrella Rank: 544499
cdn7.ad4989.co.kr — Cisco Umbrella Rank: 476075
cdn10.ad4989.co.kr — Cisco Umbrella Rank: 364109
cdn11.ad4989.co.kr — Cisco Umbrella Rank: 359305
cdn13.ad4989.co.kr — Cisco Umbrella Rank: 347068
4 MB
24 popin.cc
api.popin.cc — Cisco Umbrella Rank: 30359
log.popin.cc — Cisco Umbrella Rank: 32274
kr.popin.cc — Cisco Umbrella Rank: 305605
r.popin.cc — Cisco Umbrella Rank: 32914
rlog.popin.cc — Cisco Umbrella Rank: 58833
inrecsys.popin.cc — Cisco Umbrella Rank: 37457
imageaws.popin.cc — Cisco Umbrella Rank: 54846
491 KB
23 adinc.kr
ad.adinc.kr — Cisco Umbrella Rank: 229328
35 KB
18 mobwithad.com
dsp.mobwithad.com — Cisco Umbrella Rank: 266363
13 KB
15 mobon.net
img.mobon.net — Cisco Umbrella Rank: 129804
325 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
676 KB
11 jpg2.kr
mncimg.jpg2.kr — Cisco Umbrella Rank: 834266
270 KB
11 mncmedia.co.kr
ads.mncmedia.co.kr — Cisco Umbrella Rank: 616171
5 KB
9 adpnut.com
media.adpnut.com — Cisco Umbrella Rank: 161874
dspserver.adpnut.com — Cisco Umbrella Rank: 332508
img.adpnut.com
177 KB
8 tend-table.com
engine.tend-table.com — Cisco Umbrella Rank: 129049
4 KB
8 heraldcorp.com
news.heraldcorp.com
hlogger.heraldcorp.com — Cisco Umbrella Rank: 666115
acelogger.heraldcorp.com — Cisco Umbrella Rank: 655097
104 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
104 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
4 ednplus.com
adex.ednplus.com — Cisco Umbrella Rank: 157220
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
147 KB
2 treasuredata.com
in.treasuredata.com — Cisco Umbrella Rank: 4529
982 B
2 gstatic.com
fonts.gstatic.com
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 newslab.co.kr
l.newslab.co.kr — Cisco Umbrella Rank: 716892
948 B
1 naver.com
wcs.naver.com — Cisco Umbrella Rank: 25455
633 B
1 megadata.co.kr
cdn.megadata.co.kr — Cisco Umbrella Rank: 163944
3 KB
1 reople.co.kr
ad.reople.co.kr — Cisco Umbrella Rank: 348264
5 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
60 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
3 KB
1 naver.net
wcs.naver.net — Cisco Umbrella Rank: 23604
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
33 KB
486 33
Domain Requested by
61 static.criteo.net ads.eu.criteo.com
www.mediacategory.com
dsp.mobwithad.com
static.criteo.net
media.adpnut.com
47 www.mediacategory.com 4 redirects img.mobon.net
news.heraldcorp.com
dsp.mobwithad.com
www.mediacategory.com
42 res.heraldm.com news.heraldcorp.com
res.heraldm.com
ad.adinc.kr
adw.heraldm.com
36 gum.criteo.com 18 redirects static.criteo.net
36 bidder.criteo.com static.criteo.net
23 ad.adinc.kr news.heraldcorp.com
code.jquery.com
ad.adinc.kr
api.popin.cc
js.ad4989.co.kr
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
news.heraldcorp.com
www.mediacategory.com
cdn.ampproject.org
media.adpnut.com
18 mug.criteo.com dsp.mobwithad.com
news.heraldcorp.com
media.adpnut.com
18 dsp.mobwithad.com www.mediacategory.com
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
news.heraldcorp.com
www.googletagservices.com
media.adpnut.com
15 img.mobon.net news.heraldcorp.com
www.mediacategory.com
img.mobon.net
14 js.ad4989.co.kr ad.adinc.kr
media.adpnut.com
engine.tend-table.com
14 securepubads.g.doubleclick.net adex.ednplus.com
securepubads.g.doubleclick.net
d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
www.mediacategory.com
news.heraldcorp.com
11 mncimg.jpg2.kr news.heraldcorp.com
11 ads.mncmedia.co.kr code.jquery.com
9 log.popin.cc news.heraldcorp.com
8 engine.tend-table.com js.ad4989.co.kr
8 imageproxy.eu.criteo.net ads.eu.criteo.com
5 imageaws.popin.cc news.heraldcorp.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.google.com tpc.googlesyndication.com
www.mediacategory.com
4 img.adpnut.com adex.ednplus.com
4 cdn3.ad4989.co.kr news.heraldcorp.com
ad.adinc.kr
4 cdn14.ad4989.co.kr news.heraldcorp.com
ad.adinc.kr
4 media.adpnut.com news.heraldcorp.com
adex.ednplus.com
js.ad4989.co.kr
4 adex.ednplus.com 1 redirects news.heraldcorp.com
media.adpnut.com
adex.ednplus.com
4 api.popin.cc news.heraldcorp.com
api.popin.cc
4 news.heraldcorp.com news.heraldcorp.com
code.jquery.com
3 rlog.popin.cc news.heraldcorp.com
3 cdn10.ad4989.co.kr news.heraldcorp.com
ad.adinc.kr
3 cdn1.ad4989.co.kr news.heraldcorp.com
ad.adinc.kr
3 csm.eu.criteo.net ads.eu.criteo.com
3 www.googletagmanager.com 1 redirects news.heraldcorp.com
2 in.treasuredata.com api.popin.cc
2 fonts.gstatic.com fonts.googleapis.com
2 cdn7.ad4989.co.kr news.heraldcorp.com
2 cdn8.ad4989.co.kr news.heraldcorp.com
2 cdn2.ad4989.co.kr news.heraldcorp.com
2 acelogger.heraldcorp.com news.heraldcorp.com
2 adw.heraldm.com news.heraldcorp.com
adw.heraldm.com
2 d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 hlogger.heraldcorp.com news.heraldcorp.com
1 dspserver.adpnut.com js.ad4989.co.kr
1 inrecsys.popin.cc news.heraldcorp.com
1 r.popin.cc news.heraldcorp.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 b54ab24525f2d5e3cb264e24bad811c9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cc9c13dc7c21d7204d7470539cc4a9f4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 b9ba91e996601e2110110b2194261de1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 kr.popin.cc api.popin.cc
1 l.newslab.co.kr news.heraldcorp.com
1 cdn13.ad4989.co.kr news.heraldcorp.com
1 cdn11.ad4989.co.kr news.heraldcorp.com
1 wcs.naver.com wcs.naver.net
1 cdn.megadata.co.kr news.heraldcorp.com
1 ad.reople.co.kr code.jquery.com
1 rtb.nl3.eu.criteo.com d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 www.googletagservices.com d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
1 ads.eu.criteo.com d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com news.heraldcorp.com
1 connect.facebook.net news.heraldcorp.com
1 wcs.naver.net news.heraldcorp.com
1 code.jquery.com news.heraldcorp.com
486 66
Subject Issuer Validity Valid
*.ednplus.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-26 -
2024-08-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.popin.cc
Secure Site Pro CA G2		 2023-09-27 -
2024-10-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
*.mediacategory.com
Thawte RSA CA 2018		 2022-11-29 -
2023-12-23		 a year crt.sh
ad.ad4989.co.kr
Sectigo RSA Domain Validation Secure Server CA		 2023-06-15 -
2024-06-28		 a year crt.sh
wcs.naver.com
GeoTrust RSA CA 2018		 2023-08-01 -
2024-08-14		 a year crt.sh
*.heraldm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-02 -
2024-01-20		 a year crt.sh
l.newslab.co.kr
Sectigo RSA Domain Validation Secure Server CA		 2023-05-09 -
2024-05-14		 a year crt.sh
mobwith.co.kr
GoGetSSL RSA DV CA		 2022-12-08 -
2024-01-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.mobon.net
Thawte TLS RSA CA G1		 2023-05-24 -
2024-06-14		 a year crt.sh
*.ad4989.co.kr
Sectigo RSA Domain Validation Secure Server CA		 2023-01-17 -
2024-01-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
dspserver.adpnut.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-19 -
2024-04-24		 a year crt.sh
img.adpnut.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-01 -
2024-09-19		 a year crt.sh

This page contains 112 frames:

Primary Page: http://news.heraldcorp.com/view.php?ud=20230803000456
Frame ID: 7BA1B25F655DEFAF80738328955A40B7
Requests: 140 HTTP requests in this frame

Frame: https://adex.ednplus.com/xc/h/xgvk2qz7
Frame ID: 30212E0D525E0B5FDE64ECB4973C7D6F
Requests: 7 HTTP requests in this frame

Frame: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FD9B14419A9CEDE9EF53986E8584D17A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B48F672AEA5BDE90753AD93165ACCFB2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88DF77DCA77799C701FE425AA5C2E59E
Requests: 2 HTTP requests in this frame

Frame: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DA7BAE4979A0EA18948D3BCAA470E2C1
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Frame ID: 98D67675036C4643B7204466BBE691A3
Requests: 20 HTTP requests in this frame

Frame: http://adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/HB_sub_highlight_300
Frame ID: 878181E2581376806B7A7D0C31DCB011
Requests: 3 HTTP requests in this frame

Frame: http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Frame ID: 4FC80E3945DEA3F9568F4B97F839C4B8
Requests: 9 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Frame ID: 33E60C62CCD3D60BC5474B87FE452F98
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y
Frame ID: A0475AE331CA4AAF4677B6E116146FED
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Frame ID: 760849D38CC3A2FF0C5792A1A415E4F4
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/iadbn?from=&s=5788&psb=99&sslRedirect=Y
Frame ID: EBA9B58BB0A62FAD68D1A748BB67BE62
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Frame ID: 48EE60C991AFA8CCDD263717120BB3BB
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: B598A53B3C79BB497216BF8ECC0716EE
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9138&count=1&output=html&auid=d6a540b83c2070b4286bca7218b8a9503f2-2bf2&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837688%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: E060238137C8E1967E973986D09ACF5E
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=8822&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D666141%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 142104164D8E0E4063068C918255E57A
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 6FFA36B78AE0949D758E950E788E8133
Requests: 6 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: EC2E1ACC241C5E19E9D3E0260F98379E
Requests: 6 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: C594ABE03F8CDDF8098C126A3EB85E5F
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 62541E45D8EF4CFDB337242A511BF9D5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 324DD55FE706654C86F9A5BF9369F6F5
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 99EA19D0138606681E38705B9A40C354
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 87CEA89C73339B59C11A6340BA85E38D
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: FC1A624CEE939C15E2BFE6EFE150DD25
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: F64A4A474E06F3C61608E2CCE46FE17F
Requests: 8 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 92248034286C6D7FB9101E884C2B6835
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 17870160EE36DAEC371BD9A1FF59B7AE
Requests: 6 HTTP requests in this frame

Frame: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141136
Frame ID: A3065A7C4E896A75F21DA0FADB21CB6C
Requests: 3 HTTP requests in this frame

Frame: https://adex.ednplus.com/xc/h/yyBcFS3k
Frame ID: 768A537BA6A6D354E8974EBFA8C275AF
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: D9CB4578940EF43CDF9D626AA0C5448F
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 939CCA9F71EC0038F3DBBC09F1069813
Requests: 1 HTTP requests in this frame

Frame: https://b9ba91e996601e2110110b2194261de1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 58BADB818606B9AAFE91281C62B33F50
Requests: 1 HTTP requests in this frame

Frame: https://cc9c13dc7c21d7204d7470539cc4a9f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 5D2ADB8BB45D61BC68A9DDB6E2AB5986
Requests: 1 HTTP requests in this frame

Frame: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTY=&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141789
Frame ID: 7F84A439A82BC0B3E9E7BB05678AA537
Requests: 3 HTTP requests in this frame

Frame: https://b54ab24525f2d5e3cb264e24bad811c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: CAF3537F2F8CC3106677AF7E976F2151
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 009BE5D4CCC97E810951418396636E3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E464545F1DCC9F0F64FC3FEDFD1085DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FAE857217C31E0F1F1ED037E3959F110
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2FC5365A3D536B5A8EDFE54AA9C94CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34D3894859A49EFC6EEAC8DF4A8E7D22
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02A2CFA137829D7D5B85704ED7846A1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A150344D8BC4A95596849F0054DDC28
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Frame ID: 8270AE2CAE6B941D949DF1E81010E0D4
Requests: 12 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 7042EDB23613874DA21767EB07875E5D
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: A7C411B91C705F594398999DEB77470B
Requests: 17 HTTP requests in this frame

Frame: https://adex.ednplus.com/xc/h/yyBcFS3k/passback?r=0.830976962889852&xcg=c3WzDNXEQ1
Frame ID: 793EA5DC7490496114D7FA07C81A0BEF
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 1B21639E3A312418E5A0F39EEB662EF0
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: DF0BA128578F934768539E01AA372A51
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 2C8A9D84D08E8FF23C1C633853638EA6
Requests: 1 HTTP requests in this frame

Frame: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//media.adpnut.com&lang=utf-8&tm=1698837142965
Frame ID: EBD87400D14195A448302AD0D3C9071C
Requests: 3 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u2&out=iframe
Frame ID: EFF6B7E68EC06E852C76937C014871F1
Requests: 3 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u3&out=iframe
Frame ID: E394F155CADB48D48BF719EB8BD33F81
Requests: 3 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u4&out=iframe
Frame ID: A7722C02DA79AC220BAFC0C9CC1CD9AE
Requests: 3 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u7&out=iframe
Frame ID: E00636A4CD32AD684F6968581EF2FAE8
Requests: 3 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u8&out=iframe
Frame ID: E1C83C93F20ED48FA4ED466E331EF295
Requests: 3 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: B99D290F2E14461718B3DE11DF563D6E
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 0EBF576D1E7E05672D446653F0F9BA99
Requests: 2 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&grade=3&out=script
Frame ID: 36443D74966FFEDA60634148ACF0556D
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 1DBCA09A291F444F5B8372A45D35BCCD
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: D61C20C6B32FD3F88D5A0DF84ACCBB67
Requests: 1 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837143688
Frame ID: 80BF3D224E12C9DDCF255FDA0C197E46
Requests: 1 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837143712
Frame ID: 3D9DE7D7C581C2E06230AF40A64C66B6
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 15295EE3D4E139601F2BBEAE794273CD
Requests: 1 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837144497
Frame ID: 714FDAA2BC00AA16439C9A0825F113CA
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 6D25144086606D9BC8D65B84B36ABD6A
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 5CA78F412CCFB440BD7C65120BB1E277
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 03CE3230BE853512F67311482ABFA00E
Requests: 1 HTTP requests in this frame

Frame: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837145014
Frame ID: 50341A1B61BC928B91ABE2A4ADFE2A61
Requests: 3 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 0216FB3460F46F2A8CF015CE645E9C54
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 09D915F6F939B300DC9D50594FDE56E1
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 4B67EC4C514AEDFDDBCD51F1F7B75775
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 7A4153FE1610485A50A51E6805336C9C
Requests: 1 HTTP requests in this frame

Frame: https://ad.adinc.kr/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837146834
Frame ID: 61F0C3F5DA9F3C869908B489380FA0E3
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 51FF039E3DE9B7ECC0CE2FB11931A03B
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: C1E8B0CD2E27FA8456800D89AC8AB970
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: C66D1321326402A175D8CAF6DFD54547
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 955A11966B0D34BDF34A65AAB29BB527
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 3332593E28D6752D43AC46BB13604778
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 1E661B8CF690AE0FF0F616FAE1365C53
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 44F1F253D02755CBE95670F6021EE912
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 97ACBC1E184A8E2D485BDA2BD09C4471
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 45F5E3CEA5587E426A2A543F1177ACE9
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 365F42137982A696664137167945E1B5
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 9298FE056F44F9BC23DD22B3D6E00334
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 9CFCF0DDDDC57D619BC360AD1CDE43D5
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: CA0759F0EDFDC270AB78FE05CB690ED4
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 0A4BE5AD9401E695429CEC798E2DF50C
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: ECEAD67F069B1631F0ECFA5FBA054C15
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: C4A0221323127F010F7D03490F203968
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 341E4BD4BCF8EA5DA19F1A75369BD869
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 6CB1F3AC33BD7BAFE76829B4BBD3C3B1
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 796BDD541BDC8F6E1B2E55A910585ABA
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: D9B697ECE2F658FC84C95B6BC2753804
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 4C5E463DD557976D1A5114048A615945
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 21382136B07439877A27012ECDC713B6
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: F93EE786815BB9351B4CBDDDF9FDF0B7
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: FB5F1E01313AE1EECF60C19A10FF7243
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: E57E2894934E5FE723DF12D8E3087E0E
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 072007ABD2058610105C1FCC0604318D
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 2F3EB7F2DE35390EDA2AA135B5CFB058
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: C9FA68B2E9CE8F569ED106D61CB1DDA3
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 76476BFE2FFC806DB46910074C285045
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 94105C813E84B8BCB45E348F76C7F994
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 19AB6107B2D1F68950176806D25EF7FB
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: D1B80046A5AEB7A935A2F986B353C319
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 32B4AC0519EE870461CA9413843F4F60
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: 9DD1B0B9E9DC78D38571CB99CDED8C75
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Frame ID: 78B13A3B394B19E236E609A136E77B1E
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Frame ID: 48F89CC3B03EFE0CBDE66821939DECAA
Requests: 1 HTTP requests in this frame

Frame: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Frame ID: 737726EC2E10F315D13046108CCD6146
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Frame ID: D0A7E1924B4944B7894578C284D2768B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

"만트럭, ‘멤버십 트레이닝’ 성료…임직원·파트너 활동 박차"- 헤럴드경제

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

486
Requests

71 %
HTTPS

37 %
IPv6

33
Domains

66
Subdomains

60
IPs

5
Countries

16188 kB
Transfer

21134 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.googletagmanager.com/gtag/js?id=UA-81791503-8 HTTP 302
  • https://www.googletagmanager.com/gtag/js?id=UA-81791503-8
Request Chain 26
  • http://connect.facebook.net/en_US/fbds.js HTTP 307
  • https://connect.facebook.net/en_US/fbds.js
Request Chain 28
  • http://adex.ednplus.com/xc/h/xgvk2qz7 HTTP 301
  • https://adex.ednplus.com/xc/h/xgvk2qz7
Request Chain 37
  • http://www.googletagmanager.com/gtag/js?id=G-P350PZECWH&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-P350PZECWH&l=dataLayer&cx=c
Request Chain 147
  • http://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1 HTTP 308
  • https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y
Request Chain 148
  • http://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1 HTTP 308
  • https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Request Chain 149
  • http://www.mediacategory.com/servlet/iadbn?from=&s=5788&psb=99 HTTP 308
  • https://www.mediacategory.com/servlet/iadbn?from=&s=5788&psb=99&sslRedirect=Y
Request Chain 154
  • http://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1 HTTP 308
  • https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Request Chain 186
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=0&topUrl=news.heraldcorp.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kwVmBXxJZHRhalB5WHp4R1JzeGc5a2FCYW9ZQVA3QnIra0VMUVFKQU1HSnJZMDVZWUQxTnMyTk1DQXAwWlFDZkpLUE5xeEhqVExmMldWSUdMRXhWc0NhUnZVZFFCUG5wRjhJS0hMMWxkV2tJZzFGSk4yY2xnSXFEcDhYZkdIU1JKVE5Ca0taUkZ5Skt3ajFDVEVKWmFHa1M2M0JkalBJd0pobXBwcklkdzd3VVVkK2xmcVZ2bzBWVGZqRzlaa0hyaWZaSzNKNnZiMWFYbHB4bnR1N3phOWVsSm1mK1pmQzFJYXJGSklpVUpWU21kbTA3TWhJeUQxNGpMSjh4T21YdzBDcEEzMEJQWmFITDhIQ25EY0N3MGNSZVo1ME9oN01lc3J3UGxUZWdMaHFtTlFHdz18&cppv=2
Request Chain 191
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=0&topUrl=news.heraldcorp.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=UOndzXx2Z3JCWU1SMktXclRMTDNkdGtBdGVoNGN0ZEpFelpJbTJyK2RlcVpXeEVsMTVWMFhWOVlKMDJZWDF6WmVlc1NHcjBHRGlQQjBxbzFqQk9EWGFQT0VpNHo3a2dwOVNRU3lwUmlFZEFPSGhwL1g5U0lXTkFreDhtcXRSQ0lKWjRlKzBSQ2RFV21NZjlIYzBsQ2NDbm5hYmhPdzF4L09mNTZCT3pkZTdRbXJVOTAzZDFjMk14Z1NaZDZldTdRZ2V5VW10QVQrZGI4TzdvNHRYZG1PZ1FqNWw3L04vQTFPZmtMRWh3Qm1kUUJobjJJM2l4SlNwSkswaklZZWRnWnN6TXBmc2pMMnNoMTdSb1B5bWNUZFp5bjgxNUQ0Y1lMb3pIQkVxV20zSzB5SnlBUT18&cppv=2
Request Chain 199
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=5WLGrV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnFreVlMd1F2dExBcW1WMjZqR1B5bSUyQjI3UGxqMGg0SG5wJTJGd05hbFJoT0FRVHN3b0pBVlZFNEFjS1lkaiUyRjRPcVN0UHZ4MXlMODJZMGdpZzRoUXVIeHdmWjBONlU2cU1QZnN2WnlLVkVPMTY2TWhEdzNKbmxiYXolMkZSJTJGV2FVeFFwY2clM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5ifI9XxyTDkraFBHdzB2K1MyQVZiWkRuMndhWmJWMXkrMjNmVGQwN1hwNlJ1UEFLRDZoamxvSFdzOU05S3hVWWk2WGlucHFxbjFUUHUrbWxnWnpIME1CZXNOU3B5YnJ6WlJOcTVPYUNlSk9kV0JLVVRsWVhqQnRHSWcxSXo4ZjVxcjdtTGF1NFg5VSsyNmFVanF5MGNNSnBPakVTa2p0a2RWNnBxMGZ2VngyQ1FmbW9JUlJTK2cwZ0h1NFlGRFdQZHo0THQwOEpoOHN5WHl2SFZlMXZqb0VNY0RUMk5DbEpJTjUzbDF6TVh5MTM2alZSbEUxN3lUcGlzTDMwMzNndDBTMWZLeVNweTZIekgwald0dHhwcExISjdTQnN5RXk5RDFBVXFOYkZ0T2o1b21EVW11NzlpUXRiM2FIVmhaQWtWM3h4RXw&cppv=2
Request Chain 225
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=wgHIF19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnNRQUtPbHNyREFRazdTTFc5V2lkN1BBdzN5ZXV4OG0lMkZYeXdYTTN2WUpkRW1zODBiNmQxQ1gwekFwVGVPaVZ3ajFuRGxNZGglMkZkZm9TSXN2RjJqaWhvU1B2NiUyRm9RTTlWWkMxWWpOYlZMVnYxcmVXM2hKaVpsQSUyRmNrSjdtU2o1V1h3JTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=NpyRoHwzdFhjSyt1dGQ4QnR0SlpGZVpoZW5YeVVHU0VpZGlyeWRtV2VDcTNXU3hoR0hzaUhCUkFVQW1zZGJuZmlvbVZKMEFiWFlRNzZPcVpPMitqakt2eVNHa0YyZktoSE1qSWJGZGxJL2xweTlMYXBDczdEdjZEajhSK0t3Y3cyU21BRkpQUWNPMDllRzI1R1NiUmFoRTN0RUlGSE0zVmgwS3FLOW5ZV0R6Qi8xd2ZyVCtHVng3ZDIraEJiam1MajZnbVd5QW1yZnc4azdEamtMSGhQcmhHSEtvTTc0akJwVTloVGhHYnV2a1I1Mmg2OW0zYm9CSjJubFgrQ1g2cW0zK2sxdHV5Mkp5R3l0VXMvcVZ5R09Zdng1RHhxQllTOFQ3VnVEb0h5emw0QzQvdXNJK3JYQ0tLSFNPM1NxNW53cnFzdHw&cppv=2
Request Chain 297
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=s-CmwV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm00Uk1vM0d6WHJGMXlSRTNwaUEydU1ENmNvclA1YWZNJTJCanZNZnhyRzNVMjE5M2FHUzVjV29jcXJqTEkwbUFJdk5oT1ZDY2dVT2I3ckU1b2lpazNCaDVYak5OZ212MEtOUkpaUVV3cXlWVDdiJTJCdTNpRjlHT0klMkJKQjFQUzNTWFpsdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=74_ROHx4eUhvRGVjbmJnMUtZQUttbERMY1VwekhRaGhhZEpvM1lVakVkZmkyMGtON0tvUENPeGJzQ091Rjg2Qk5nemxRUDdON1hJeFZCRWk1OWI4bzUxQ3hOV3pzRDVxbXMxWXVSYVZoZldEUHJtMGtMakhYVit2bk5tMlNPMmF6cm5qakhicUpBcSt5T0J6cXIvUXBBWU1WeUFuVkEyZzVEUTZaYnlPZ0k4VFVhZksvYjdjK25VNU9kMHg4M2VEZlRYUEZUb2ptOUliUHJCYVJPa1lOVWUyd1BXU3A5aUlOUDdja1lwTHpQdnFVU3VoTlRyc010VjNuZVBzMDhHaU1WanR5YU5jOTlQTURNWkppekNGMjFTNDFFSzI3bUE0M0lhMXo1cFBkaXhxNWN0WW9qcnRnMTczeEtlaDg0QkRia050cHw&cppv=2
Request Chain 335
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=adex.ednplus.com&sn=ChromeSyncframe&so=0&topUrl=news.heraldcorp.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=m91ChnxTQkNqNzk1SU5aWVZBbUwxcjdRWkNuQk5LbG5NeTgvSEprcnN2TktaSnZ2UFZrcWo1djI1RHYyYUFDOEw5b2kzUHcrVFBXUWtNSUpEOEUwTUExQTBMV25rVVFlVXg3ZDMrcmN1YUJFT1k1am02L3A2THFETWtwTTBhdTJ2T1oyYTE3RS9YUEdNTW9NYVFocDJkM1B4Z1M0c2dVUXBuMEFJQVJFTHJCcWpuWDBWSVoySmd4aWVoZTJ6azNSNmtCZ0ZIclpKcVdIbXdLbDBEbDAvc0N1aDc4cTgwNEplbUdxTVh1MFQxYTJYejNsTmlYcC9zS3RUUit2MnBuRDl1blJuUFFnUWRIU3U4TDVxdVZFSjBGa3dGV2xUZFdlYm9NdHlCeGR6ejJScUUyRT18&cppv=2
Request Chain 350
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=UxhoVV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnRmcVZEZVJiV2hUczNVVjFGRURNUDMwTzlJaVJMT2ZucE9ISGZnZFNtN3JpSVhFU0dBUFo2JTJCWnNLOTFCciUyQjBrV1ZzQWptbFg4eVB6SFVEaSUyRk15VU9IQ2dOU1BJdHElMkZaQXo0SkpoOFoyTEkyME9RNzYxTnlJcDVQWEYyJTJCczlCSUElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=pf4TYXxhZHBtclRqd1hmZzY1OGZlWGJDM0Nzb1YrUTJUUTZHMzFpc2pQTlJteVM3ODdtYzgzS3p3bzNxNU5uVzF0U2xZZWtSMXVsbHE3UmtOVUZzTEpYS1pwWXJtRStnQUJhd2s3U2pBNVpjMWtvZ3l3bnFxaWM3VTdFblhSTUFzMTlFUmVoYXpmV3hjb09CWS9wUzBjK3FDV25oa3pQcjNOSnpJVGdjNnUxVGpBcWVwOHZicHBGRXQxTnNkcjlLckZkOU9Ra1JqaWpvVExNT1JIdzlvc0hMS0kvby91Ti9jdCtvM3AxNjVKVU5yQWJzdXdrelQwQ0wzQ3JhNkJnZkNQcS9oOXNpTW9RY3QxRUgwak1qcVJxODcrdFJhd0w0d01KcFpHbEVyV1p6T3FmaURPOElFRGo4Y1ZNeEZCZ21oa01iWXw&cppv=2
Request Chain 375
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=pMSG4V9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmh0QnIyQ1JtTFozbXZ3Q1BUMXV1OVMyVyUyRm5lVTdaZ2syd3lPc0tLb3l6UWw1Nk1oZks0ZE44OVMxekM2V2ZTSVByQ3dINXZjRkxLUVAzaEVtWHNUV21YN0E0JTJCS2RsMSUyRlYlMkJibWlPd2IzQjViSnBEeUtTZEhIRk5VY01HUVlwRDBnJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=8rHZ63wyYTVGMGFNUk8rbzhSY2hrZVhST2l2bitiM0JXZy85ZEVYYnZjVkxzY0t2VXJENDYwS21ZTWRjY0xoaVh5WjBJazN3ZEhaU0J5K0cxSHhrdWVscGl6UStJQ2dtMlBiWUN3aStnZVFZSExscUNaMnlqdWZVZHlsV090M004RmlTcjl1c3lzKys4eGRwODBqWmRRMjBwek9XT1FnUTJ5YnBSZ3lQakZ0ZzJvV0JITTYrZ1NtajRYT1dTOThFS2h1dWNOdzNoNzl6NEFQcWxyV1N5amJITXg2NWdoNTlQT2RsYnRERGpBSHBZOHBYVXc4b3psLzFUNXl3OWhYNkZ5cGpjUkpnR2ZYY1o2WXVJNTFHck55N3NXMG5kcEJXVzFHSXN1Y3AxVHEzVjVSVTVwSGtINmF1STl3UitVcE8wa05iS3w&cppv=2
Request Chain 390
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=RpwuLV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnNyJTJCM2pqOGxrN3dsekJHeTlOMFFGZmlIJTJGUlZLak9UVGZNMUdMazFYMkklMkZKJTJGNGJHYTVoZFglMkZ1ZkVVQ2YlMkJzc1p1Z05xZFdhOVR6bDQxUGVwbHg0Q0lKQ0YxQVhJVkNHV0o1WjhtZjk4eUd0Nno5RVA5cEloRXRaaWxtTkZPejlJUSUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=dlL8n3wwSS94TFJaOWJkQkVlZlRNRnBIV0w5bGM4aU8xbzNDR3o0aEZWZCsvK05BQ2paZTFvaTU4anhmWWt5Ymh3Y3dkd0JHM0pIUmR2UGVES0p1bWtyRXlKdDIzT0lMSy82bUtKV21CTEFRekIxYWlPSVdDYTFCUjRZcVk4SkFRc3VkaTFVMzc1K0FRWkwrR01YZW1VbVN4REpBWW1YRVhqSWpianZTOXZyb2JpVlhXUWRkYTBoSzZpemRLajlSb0szcVNXbStFSEtwaG9MNjVyaGN2VFk4MnhZSUVHb1gvbmRKV09GMHE3dTlxVjlub2w3Kzdmc1l3YlhaVlFLOWlhckRMempqWEVEZ0czNHdSdlNjSFI3SldLSGl2SUZHRmRHZXN6TzNTdkg3dmVVYjhpdlhtUVR6eXZDbTZuemQ4SVpDWnw&cppv=2
Request Chain 400
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=BK1fY19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm5RamcwciUyRk81U2dQV1pHclRFVUo3V0VoM0pxNDVNNWd6aVNsJTJGSThJJTJCZmFHOXFzZXpUVEU3Y1hKeUg0TXBJZjc5MUgyc29TMHVZUHlaMUhENWdNSFFpWXlnTGFQd1dHbzR0TmdiSjg1eGVVSzltblhveG9MQVR2aHRFN0c1WHoyUSUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kE77inwwT3VCUWlMazQxQnV6V05mWW56bjFBanlvMy9uc0xRRHJROTQ0MHFFY1pPWUxaRUdHNmROUlUzZ1VOV2VrMkhCaXlDRVFHQzZMVnNNOWlxM3oyTmpGOC9DdzlIN3h2dnpZYlovV2czcjY5R1VQY29Oc3lmM1ZWUmFrME50dE1CS01IVHNvay8yVllreE1DaUFtMkNzMVdNRGlnS0kzV200ay9vdUt6aXV2dXE0Z2llZEtGaTVDMHNWK01kdk5qY05DcnoxZTR0VzFJZnRJRk0vaXJ1eFVmMVRUSUdtMnd0RGI2UWEzSFRVdE1ISkpZUHVxdmNqZTlmWkMrNFVOZGVTOFFlZmdWUkVJTWZkMG82YVZhWksxTWlDRjBONDExcm1yZTJNNHBScEN2REF1K1VHR1ArVU5IdE5hVGtRZ1RSVHw&cppv=2
Request Chain 414
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=2V0whV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmd6ZjNWcmhmQVZhWVdYNE5Dd0dyU24lMkZOWGt3RHBoQWo3NFhFTEVFWiUyRjRHejE5V0YxM01EMkdDRElOVGdMUndVQ3NBdXoyeCUyQmdiMVNnRSUyRlA3Sjc4YVZmd1hVbHhzNjlWc01hck1QaDBoQSUyQkx5QkUlMkZ1ZCUyRkR4aWNLSDc1d0tHJTJCTHclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=aDscQXwvVndnVTFYckZCSjZWSmtBK1NNTXZNK3cwdFdJY1duTXdJekdwbElOMUFLOVRCY0hTSHdLZVgyT3AwV3FRdUswREZuNm1KRTJxaVkzVkw5K3Vibjlqais1NTVLZG9mVGJtSHlka0U5VFg5cWt3d3V3RWFtZWtrWjJNY2diYWJuK004dWtnaTNCWTBkVUtEMVhpZW1wWWlrQjRrVVFsNkdEQkt4NEtab3A2Z002SC8wRkFldFFZSU1pSEsxdENDYVZISWJnNHBwODUxOUk3ckhGampWdUJxVnBLamcralludGMxTnI4S3VjNVB1Y3dWcExhbmZQT0llT3RubW5OTDd2VG5ORmxRdHVEWjdvTmttbit2eE0wNytXS0JVQStJMmZMWlRvQmlkWkgwNW03Uko0MVozd0lRNEFGOVpESlNaQ3w&cppv=2
Request Chain 424
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=1wlyz19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmpSUEJYTiUyRkN6TFZCJTJCRVUxNXJzd2hzdDJ5dWtnejJtOVN1M2F3SThOaVFNMGdkcUVoNyUyRlloUFQxU3BySVVDcXQ2aXNmT1hOMjRrRUQlMkJYYzNpb1cyaHBLSGMlMkZ1ZnF6NmpoTUUlMkJxekZGUDNvUlMlMkZjOGJMUUVuRjg4RWk3dmlmeW9nJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LoECwHxSQVVIZFdMVnYxWXk0cm5OS0JzaGgxS1BJSmdOQS8wclR4N3IxbEY5eUsvbmRoZXd3b1AzMUNlTURlc3BZdVE4cEdLWWw0dk1LbWNZUlFYT01HMmhqNzRjZkxpZU1RSVRyNFFMMHJzdjkveHo2MThrTDZDMWlmUHFNYThwVjJLakFCTllMQUt3aVAzSUUveDRSMGEzQnZOQXRKSEx1OW9XZDdLcnJWd1JoN0cydk5VTWV5a2prU3RNM1BOUmxWWGpROE1wVnpGVnluaEMvYjN3NS9OdUJVcW01bVpRU1ZCbU5teGN0L3FBTkNBSEZjVVBnSFF4SVZjN2dKbXR1QkN6TFdrbi9WQW41d0pHRWFmUk5xdlRYM2dYa0MycCtxdVR6bndZci9hWXdrekY2MkZHcXFUOU11a0NQdHJrUG5qeHw&cppv=2
Request Chain 434
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=z9rur19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnJISnIySDZLZHNmZUpBVURuZTVkZEtUc2JVS001S0M5a2xiSWElMkZhRTNua01Qa1NMYldJdmEyZmlHbGxaN2toQ1dqWkk1T1U0VFl5TnRDVkp4aWdiRWRCZ3d6Zmp6eHh6NVZpUm93N2Q2WHlVVmhkJTJCRk9WVVVBMXd1cFBTWG55eWclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=iX8E6Xx0QkVOYjhrL1Y3VUQ3cjRzbjhTdEdKOWZPUkcxdWpQYk45cnRQOXVUUVR3NTdFUkFZbFVKaDl6Slc0ZG5wK0dMOUQwY1RxSjNKUHNidjBUd0JoRFBUMjBxUFJWTHZYcUhaL2JvN2lnNzUrMTA1UDk2VWVXR2cxQTJ3UktoSXRGLzF3aWczc2MvUjhJWkRDSlBaUVl1K3U3K0l1M1IyL0FtZ3F0YVBBaDJxUG85YlhRcWwzVzVYSjBKeEtlQWJ1bnNVYy9LVTZMcUUwVmRvRGlqcWdpalV6NDRUZDcrSDJJL3JtYk91V0szMFF5UkQ2WDRNMGdON1RJVHpQdjducVJDWXpPOWFuRkJCY2VPZEtQc09HdE8wQjlnNkJXWjduY0trN2FXYXNaeWVNZ1ZyYkRYbTMwbWx0eld5TkFLSytxUHw&cppv=2
Request Chain 444
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=6Kf_CV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnAzb0dsM1VjOXV4ZkNMVnFlUDM4c2FxYnV2MkZvbmhidUllUWNpYTNjc3FaellTRVpIZDhGJTJCYklSRjh2dVVzdlMwRTAwNXFSN0FIZTlsTTY5UGtrYThnTWVldHNHcDZxZVJPeTJpWU85eSUyRlloT3RGNE9hdTJOaGlhQ2FWYkdXeXclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=HzmTh3xZMDBydFZQMTRBUjFmc2hKb0U0MGFKcFdFRjJ2UGQ3SDI4ZWV4eDU1Nm1DWFRqNWRmYm4xNzNtc0pSWHBseXErNkJ4OW5vWGMwa2hpUHFUTUtrMnkrSU9OZXBJWGVvR1BxRWpYZXcxb0toeHdPWXZlNkQydkorSWlJYkxHNTc4M2sxSkdmSDNjL050UTByY0ovRnVzNzBwWHJvT21PUHBoNEg2eEswTE0wV3hBMUhKNkxBN3dHRENwaGg2blUrSlFRcmNGVS96dFhxd3AxVzhVbkIva2VhZnN0b3hIVWVHcFFlSE1NS0tGT2NKaE1UNXJwcDdEQWRsSWgrbjZxbGZBeVpRaWRRSmtWK2RxSVMrd1hmc2JJUCtUcXUyT1E4NXVEZUZIeVNxNnRoeDd5VlFMTWI1WUZGaXdPanNSRHFEanw&cppv=2
Request Chain 454
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=upCJlV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmlaelQ0TWI0NXlrNld2c2tuQkRrUHVQd0lSamZFRDFzV2dKUUFiQng1VzI0Rjc0ajBudzlnMVkyMmYxYlRJVFhaRXVmVlhFJTJCWlNRbzhBcDcxR2xWRDN0QTNPV2hYeFpoVHpWVE9vNHZTTUxHR3VkbkFnYndyaUg3M2hVdnRuaU9RJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ZKgXAXx2Z0hiZW9zM2N5QlB6QWNsZm9Sb2MxZGE2eHJhb2xWcDhtM01UeUx6QTR5TkpTWUtrY2lEdzRpdTNSU0w3K2NlY291anNKV1ZBeS9vQjhNeU9uZkFvdUlNQUtZcUhFZEE5OERPSkpJRTFBRFhNcHp5Q2NweTQxelRiOWtManpXamJxTjNERjRGcm1BVUVxek5Wdy9HeHFkR0M3VFFnZHV3MmlvTnY0NGIvcUFEbHkyRXZNUjVvWU9DdVNxSTdJcHNSTjBoa25sdEdGSWRORDlUVG9ES2hYaVdFaFNFYkoram12bmtIY2h2d1AxT1NSc1BRYWMvUEI0TTMvVktSWjRQZEJwemdWNTNNU0kwS0ZFUkFGekFwWFZUNzR2R3FTQnNDSnNub1RaRDVEMnlPcUlHWTdOeWEvd0o0Qmx5M3prZHw&cppv=2
Request Chain 464
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=0Yqj-l9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnYlMkYyZWslMkJVWUNXWkExNExteTM3dXVlVGg2ME9taHNTU1NDa3JzdnNCcWgzTnFySzlRclhVb3JsZ09LZEZjWE10UWJWRkwyY1VYVTNDT3lqdEFnOUFXU1JZbFhwNE1YTmx2dTlaMXhBJTJCVVNkMDZSNE15dWt3c3FuTnMySFJiWWVtdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Y0YSn3x5MVJFdEVCTTZmZDgvMG1RdU03S0lTRTRsRFNlWXc3SGJxMDFlVFFMYWVIdEhtbUR1WW85eDZTUFNRTEV3TkI2enUwbE1mdkF5U0VNYk12VkxGcEoxa0NOMjhRR2xWbUJjcXUvdEF5S3c1WHBBWGx3QU5lUEF1Q0dtYUxDN2lpeGpMckpGd0JaWmduYmhPRnRBOFRXY05Nb2xUQk02dHdqek9XaDJWVXRiQUY5K2lWd29kVVltOUUwb3pwaDhwcGFMcU9FR1ZmaHJ2YTNHaUE5Wk44enNKZmh0QUg5eEdqNVpPdlE3cXZ0M21zVjFtM013MGZtZVlJVWZIVk5EV2k1bXQ0YUp5YThSZXltRDVJelZoRzZWbVFxT1htU24rUGhOWjBDaUhqZXJCbTV2K1lncE12cllFWitkN0pOOTVNR3w&cppv=2
Request Chain 474
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=rDMtKl9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm9iRDhFZUtLUG1Rd3dYS1ZPZGVJNVVKY25ZSFl6Z0ZCU3R5WHF4Mm0yajdreE9OT0FIRE1jS3V5M3BXcXJqMk5qQlFNeHNGc0lQa0k5dTQwYnBtMUN4RFBXSGkyWE1paGswMEFvTFB0UmdaOHZad3FmbUZYY280ZGllbW1SbzlqZyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=RTtSt3xSM1FXa2lUcUFUa3dJaWZZaVhzT1FVbEViSWFVVHNKNDFHOW5kVkpBSlFGdU10Ukx3VWFnN2hoMXFUdi8vRVY3NmhSQ2xwSSsxcDl4UFB1VVpiMitkbUJQMUlEWWFoLzdRbnhDdDU3OFR6RkppTmxGM0c2WGw0TTY4Z0c1T2w1UCthdS9jK3VJakNyZGZGUm52Qlh3VGZDWmRvNkNBaEsrMDVjUTBTNUFvTFNSMHpEUzFUU0QxRm1HNEg2Q3lLWUp3bGFyQXY4c2RNMkpYWXFIN3lVemtDNm9iK0VlcGduYW0vTHpYdHUyeGZNbU9Jekxpa2Y3QWpiTWVkMFUwTVFlazlRSlR1S2duNFFiWG13VUNEUWhMOGQ5NEJxLzR2bHJwSnQ2VE5idUN6NC9aTVEwVjVybDZpNTBoMUpCcHpkQnw&cppv=2
Request Chain 484
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=hCLuSF9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmtReWk5UEprdzhJQlRKRiUyRm9vUmliJTJGOFNzdGtVdUhqRXdMJTJCaGpERjZpYjhsZUg4WjFpRUZ1cDJJNm5NeUsyU21IM1hkMUZQVU9raGgyMXlnSGZHNlZDcmtQRTM2N25PakVicTRVbTRXTzc5QmdGVzJoMFhGalVwY0RMTTRRVzBSdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qEuxI3wzc2x1Z1N3S1h2aFdadVYyNjJvRll6MHkvVXZzazlrZ0lQVnVqRnZCaHVqbkF1bDdTZ2tFZFR3NVdJNFdaenRzWDhGcjJQU2tNc2l6dlQ1SE1MY2ZYUVVpMWJCUVdqTEVBSmQvT01UcmpvYzlaaUdzK0dDWDdtOUhySURaaUcySXNWWEZuS3JINncvWFJ6a2FDaHREUktNajR1RzFjYnkzUWxiVWw2NFpNcGJmOStWWTJiL25BT2lsS1NrMk1vWXNEOW1MbWQ1dWlmZElLWm5uUmlXck1PSnA5Uzlrckdkd2h5ZEVZT2s0Mms5d3JrRnE4QWlMakYrdHNsRzE5WDRFdkd1REJ0TkJJYVgvdzBPdHNWOXBhb1JHazh0S011bm9rSUVoNjZuTDMrRTg2N2hseEFEOWtndm9ROTJlUlhPT3w&cppv=2

486 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request view.php
news.heraldcorp.com/ 		55 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.2 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
60e83f1b7c3f4fb61a807c87f1dfb71dbe9a667c348897c1417a801e03f76209

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 11:12:10 GMT
ETag
"0:da8b"
Keep-Alive
timeout=10
Transfer-Encoding
chunked
reset.css
res.heraldm.com/nbiz_2020/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/nbiz_2020/css/reset.css
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
14a8d4fa0948c2e56d3fabfe732121666852888f22fffabb71aed32d5c165c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Thu, 07 Jan 2021 02:37:29 GMT
ETag
"5ff673e9:1eec"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
7916
Expires
Fri, 06 Oct 2023 02:28:34 GMT
common.css
res.heraldm.com/nbiz_2020/css/ 		137 KB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/nbiz_2020/css/common.css
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
aa1b1f126848501aaafcc8a3b57c09394082069e64a82e7d621812eb211fa829

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Wed, 09 Aug 2023 06:09:51 GMT
ETag
"64d32daf:223b1"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
140209
Expires
Fri, 06 Oct 2023 02:28:34 GMT
jquery-latest.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-latest.min.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:11 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
4036509
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
33202
X-Served-By
cache-lga21983-LGA, cache-fra-eddf8230030-FRA
Last-Modified
Fri, 18 Oct 1991 12:00:00 GMT
Server
nginx
X-Timer
S1698837131.062707,VS0,VE0
ETag
W/"28feccc0-1762a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=604800
Accept-Ranges
bytes
X-Cache-Hits
71, 274557
newsticker.js
res.heraldm.com/nbiz_2020/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/nbiz_2020/js/newsticker.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
6b9ed68d54aae79f367ddfeb52829defacf377eab66f6bfe3129206a9d74af59

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:105c"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
4188
Expires
Fri, 06 Oct 2023 02:28:34 GMT
swiper.min.css
res.heraldm.com/nbiz_2020/css/ 		13 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/nbiz_2020/css/swiper.min.css
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
2dea0299a858d3b0dd203bac40c266a24145044425ea6d45cbf6a18d9f402b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:3562"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
13666
Expires
Fri, 06 Oct 2023 02:28:34 GMT
swiper.min.js
res.heraldm.com/nbiz_2020/js/ 		136 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/nbiz_2020/js/swiper.min.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
c7ba630c5e8051c458623ce0cd5c85786951d808478682ea17bc7626c0490718

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Wed, 09 Dec 2020 10:29:42 GMT
ETag
"5fd0a716:21f28"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
139048
Expires
Fri, 06 Oct 2023 02:28:34 GMT
adjson_disp.js
res.heraldm.com/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/js/adjson_disp.js?pp=003
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
d04ba90ca75f88c90a4f2683e7f2a6acecc2a4e72ae87a6d451ba9ed895e4969

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Thu, 08 Nov 2012 04:01:05 GMT
ETag
"509b2e81:dc6"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
3526
Expires
Fri, 06 Oct 2023 02:28:34 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=UA-81791503-8
  • https://www.googletagmanager.com/gtag/js?id=UA-81791503-8
186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-81791503-8
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74c7a7abb58147a2cd81d5a75a71f651a87a74ebde39c69ee61173fc7fc487e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68904
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Nov 2023 11:12:13 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=UA-81791503-8
Date
Wed, 01 Nov 2023 11:12:13 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
254
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
climateclock_v2.js
res.heraldm.com/js/ 		369 KB
369 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/js/climateclock_v2.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
15a3d60d410dca6cfc5bf2664f9107081d34bbaaf0e4e0d147ee561578009f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Thu, 13 Jul 2023 01:20:05 GMT
ETag
"64af5145:5c445"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
377925
Expires
Fri, 06 Oct 2023 02:28:34 GMT
logo_70years.png
res.heraldm.com/nbiz_2020/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/logo_70years.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
4217863ab2792bd09af3edc61873e4c2f4cf41343b9a7e02b4ee811092982352

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Mon, 02 Jan 2023 06:30:39 GMT
ETag
"63b27a0f:16e7"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
5863
Expires
Sun, 05 Nov 2023 01:28:34 GMT
search.js
res.heraldm.com/nbiz_2020/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/nbiz_2020/js/search.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
dee7336d410e6fffffff89abb65b69408c5b5627685c2c527f559a89bea9b1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:4af"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1199
Expires
Fri, 06 Oct 2023 02:28:34 GMT
hb_insight_btn.png
res.heraldm.com/nbiz_2020/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/hb_insight_btn.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
afa0da6b113610af3d37cdcd2f8bb15f1f589ff7344ded37c49cb15eded0b9dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:12 GMT
Last-Modified
Wed, 05 Jul 2023 00:11:42 GMT
ETag
"64a4b53e:102e"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
4142
Expires
Sun, 05 Nov 2023 01:28:34 GMT
HawkEyesMaker.js
img.mobon.net/js/common/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://img.mobon.net/js/common/HawkEyesMaker.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
29f390053f1aab9b5a7b83d7294c9e1b43e2eacc7869bcd801a190a04b736eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 01:46:55 GMT
Server
Apache
ETag
"f40b52-1b005-60405fc56eb5a"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
37474
ico_face.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/ico_face.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
aa20e0694e610b40c2ca752ccc4065cff39d2d8a27ea5c79e8a45b083b2fe543

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:6a8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1704
Expires
Sun, 05 Nov 2023 01:28:34 GMT
ico_kakao.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/ico_kakao.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
51aad8a59fa7ec7826625e5775d1cd9192eb362a9b6ecde4918c8f8cf5bb6144

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:608"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1544
Expires
Sun, 05 Nov 2023 01:28:34 GMT
ico_gas.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/ico_gas.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
0883e5766ffaa01ebc58dc8f8c0523c734d0beebf31080785b0538befa3a9627

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:724"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1828
Expires
Sun, 05 Nov 2023 01:28:34 GMT
ico_gal.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/ico_gal.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
411fbe88509a131734ca0753be1d068aa1de7d9912f70eca1aa14e74fa29ca2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:738"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1848
Expires
Sun, 05 Nov 2023 01:28:34 GMT
ico_print.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/ico_print.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
ef7d6de93417764a72cc1b51da94dc08496cb30a8a4288205943fbca19d52907

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:760"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1888
Expires
Sun, 05 Nov 2023 01:28:34 GMT
ico_mail.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/ico_mail.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
8c3b6655d3c388cda738283ae715aaa543f7ce818c3c56c1a38f0fae79e89584

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:7b3"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1971
Expires
Sun, 05 Nov 2023 01:28:34 GMT
20230803000463_0.jpg
res.heraldm.com/content/image/2023/08/03/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/content/image/2023/08/03/20230803000463_0.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
8dc324b0ff0fb1efbe1562c28128cf04a044aba41256529dedc3b2976b46c3c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Thu, 03 Aug 2023 04:51:48 GMT
ETag
"64cb3264:1a42e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
107566
Expires
Sat, 25 Nov 2023 21:24:59 GMT
20230803000464_0.jpg
res.heraldm.com/content/image/2023/08/03/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/content/image/2023/08/03/20230803000464_0.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
a3b5aba5d109b63abcbf0e80e01d9da6627505beb2f7b172f294ed4fc392fbc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
Last-Modified
Thu, 03 Aug 2023 04:51:49 GMT
ETag
"64cb3265:1a7c5"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
108485
Expires
Sat, 25 Nov 2023 21:24:59 GMT
b_logo.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/b_logo.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
3a33bc89eb14e97c5f8d7b191bdece5fb0741471a1aec6fcd44e118100f5dc51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:748"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1864
Expires
Sun, 05 Nov 2023 01:28:34 GMT
wcslog.js
wcs.naver.net/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wcs.naver.net/wcslog.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
23.212.205.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-205-62.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Mar 2023 06:30:22 GMT
Server
nginx
ETag
"6400427e-4e4d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1124
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6784
Expires
Wed, 01 Nov 2023 11:30:57 GMT
loggerjs.yjs
hlogger.heraldcorp.com/logger/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hlogger.heraldcorp.com/logger/loggerjs.yjs
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
110.93.143.86 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
nginx/1.20.1 / PHP/7.2.34
Resource Hash
b2a172e113a53d1a73ea479816424e1aaff50735bd288f0c2fc3bc030bbdc1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
Server
nginx/1.20.1
Connection
keep-alive
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08jP&out=script
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ecdd6d6f78d3b5ad2afb748c897cf9df471d624ec7c4fcbdcf439c60e85c3067

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:15 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
climate.css
res.heraldm.com/climate/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/climate/climate.css
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
0ce8bd18ed798bdf9488ed0610cedeccdd6611851c71c9b12bc88bb2ce388488

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://res.heraldm.com/nbiz_2020/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Mon, 10 Jul 2023 01:57:04 GMT
ETag
"64ab6570:4cd"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1229
Expires
Fri, 06 Oct 2023 02:28:34 GMT
fbds.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/fbds.js
  • https://connect.facebook.net/en_US/fbds.js
4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d2ffb9088e8b235bfa46cefc5f6ad53551bbdfa34c94c4304e82531f18c09ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 11:12:13 GMT
content-md5
LVg5jlPW/+43VtR0cqJdhQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2166
reporting-endpoints
x-fb-debug
0Pvx51+dwlibefXfMMZzoda4Pi1m37mCvMzhJknUrem0Bz8I1lCru23XjPNYa6e3Ste19/BfxQnmr7w3mZCavA==
x-fb-content-md5
364f6d484182d99c10437d5af479dec7
cross-origin-opener-policy
same-origin-allow-popups
etag
"03d8ecb73ee8ea802db6d971388a9dfa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:30:07 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/fbds.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
bizherald_adin.js
api.popin.cc/searchbox/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://api.popin.cc/searchbox/bizherald_adin.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
0b8efbe29a1accd1c9f284948a89c98ef31411597bab1f6fe4f9d19dbc4e76e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
x-amz-version-id
6x.85dOr48zGCIYPB521IW.Rb64Oqpz6
Content-Encoding
gzip
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.55.44
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Last-Modified
Mon, 10 Apr 2023 04:22:22 GMT
Server
nginx
ETag
W/"7b4bdd29ef3abe3ad1286a92092a560d"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Expires
Wed, 01 Nov 2023 12:12:14 GMT
xgvk2qz7
adex.ednplus.com/xc/h/ Frame 3021
Redirect Chain
  • http://adex.ednplus.com/xc/h/xgvk2qz7
  • https://adex.ednplus.com/xc/h/xgvk2qz7
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adex.ednplus.com/xc/h/xgvk2qz7
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.36.37.118 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-36-37-118.ap-northeast-2.compute.amazonaws.com
Software
Oliver/0.4.0 /
Resource Hash
ccf6c4fc1647c898eba16894b4aff72451dc0ca310f8c94f4b88c80c5e33f5b3

Request headers

Referer
http://news.heraldcorp.com/view.php?ud=20230803000456
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 11:12:14 GMT
p3p
CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma
no-cache
server
Oliver/0.4.0
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Wed, 01 Nov 2023 11:12:13 GMT
Location
https://adex.ednplus.com:443/xc/h/xgvk2qz7
Server
awselb/2.0
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		178 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qU&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
450c4d6442e91edb58728ea9818de8a22feb9b4fe32b9c7606420d444fd3e4f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:15 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		179 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qV&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f9affb85d09f506d397a78c337ae9fe86c248384a20d18b28ed7269f12516428

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:15 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
ico_menu.png
res.heraldm.com/nbiz_2020/images/ 		129 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/ico_menu.png
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
54285e09b8e36e021df8790287c4234941f36a994e21a49ba7fcd6cd10d8ca90

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://res.heraldm.com/nbiz_2020/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:81"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
129
Expires
Sun, 05 Nov 2023 01:28:34 GMT
Montserrat-Regular.woff
res.heraldm.com/font_new/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/Montserrat-Regular.woff
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
8580eeae11fe774dd619100bd0b3685506eed9623a2d9385c811bf3889947903

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Thu, 14 Mar 2019 08:35:17 GMT
ETag
"5c8a1245:def0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
57072
Montserrat-Thin.woff
res.heraldm.com/font_new/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/Montserrat-Thin.woff
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
29eb124df9cce55298d42e86a0fcb204a97a2cd2cf5af35b8e5dc20213194ff4

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Thu, 14 Mar 2019 08:35:17 GMT
ETag
"5c8a1245:c328"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
49960
Montserrat-SemiBold.woff
res.heraldm.com/font_new/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/Montserrat-SemiBold.woff
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
03c6797742c7bcc3a2a737503f94691f8a814916db9f572943a050408b6fe754

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Thu, 14 Mar 2019 08:35:17 GMT
ETag
"5c8a1245:de2c"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
56876
Montserrat-ExtraLight.woff
res.heraldm.com/font_new/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/Montserrat-ExtraLight.woff
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
620898b565df6e9a982ed80b0af7bc398df79fbd998cd41e0445dd489298fe81

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:13 GMT
Last-Modified
Thu, 14 Mar 2019 08:35:17 GMT
ETag
"5c8a1245:d0e0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
53472
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1440573646257323&ev=PixelInitialized&dl=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&rl=&if=false&ts=1698837133689
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 01 Nov 2023 11:12:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-P350PZECWH&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-P350PZECWH&l=dataLayer&cx=c
223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P350PZECWH&l=dataLayer&cx=c
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4ccd5beba4378bf7303a525eb4d38d70025bf997c4abcb0b20768bfa7393cb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80731
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Nov 2023 11:12:13 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-P350PZECWH&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-81791503-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 09:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4951
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 01 Nov 2023 11:49:42 GMT
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=900565748&t=pageview&_s=1&dl=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&ul=en-us&de=UTF-8&dt=%22%EB%A7%8C%ED%8A%B8%EB%9F%AD%2C%20%E2%80%98%EB%A9%A4%EB%B2%84%EC%8B%AD%20%ED%8A%B8%EB%A0%88%EC%9D%B4%EB%8B%9D%E2%80%99%20%EC%84%B1%EB%A3%8C%E2%80%A6%EC%9E%84%EC%A7%81%EC%9B%90%C2%B7%ED%8C%8C%ED%8A%B8%EB%84%88%20%ED%99%9C%EB%8F%99%20%EB%B0%95%EC%B0%A8%22-%20%ED%97%A4%EB%9F%B4%EB%93%9C%EA%B2%BD%EC%A0%9C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1274951855&gjid=540089277&cid=1745743290.1698837134&tid=UA-81791503-8&_gid=667198495.1698837134&_r=1&gtm=457e3au1&gcd=11l1l1l1l1&jsscut=1&z=1383113814
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://news.heraldcorp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://news.heraldcorp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P350PZECWH&gtm=45je3au1v9119054269&_p=900565748&gcd=11l1l1l1l1&cid=1745743290.1698837134&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1698837133&sct=1&seg=0&dl=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&dt=%22%EB%A7%8C%ED%8A%B8%EB%9F%AD%2C%20%E2%80%98%EB%A9%A4%EB%B2%84%EC%8B%AD%20%ED%8A%B8%EB%A0%88%EC%9D%B4%EB%8B%9D%E2%80%99%20%EC%84%B1%EB%A3%8C%E2%80%A6%EC%9E%84%EC%A7%81%EC%9B%90%C2%B7%ED%8C%8C%ED%8A%B8%EB%84%88%20%ED%99%9C%EB%8F%99%20%EB%B0%95%EC%B0%A8%22-%20%ED%97%A4%EB%9F%B4%EB%93%9C%EA%B2%BD%EC%A0%9C&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-P350PZECWH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://news.heraldcorp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
popIn-common-8.min.js
api.popin.cc/lib8-lightweight/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/searchbox/bizherald_adin.js
Protocol
HTTP/1.1
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
1f2df6a1a501a0922a976d878630ff43bc46ed73b4b3355d548390a16f58dbf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
x-amz-version-id
xTD00zBHqjcBswUhXPdRsNreFf8K_doF
Content-Encoding
gzip
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.55.44
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-meta-tag
20231018_OnlineApi-13769_geo_country
Last-Modified
Wed, 18 Oct 2023 10:56:35 GMT
Server
nginx
ETag
W/"b97abc57aa509b6605853fa9466787ed"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Expires
Wed, 01 Nov 2023 12:12:14 GMT
popIn-discovery-8.min.js
api.popin.cc/lib8-lightweight/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://api.popin.cc/lib8-lightweight/popIn-discovery-8.min.js
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/searchbox/bizherald_adin.js
Protocol
HTTP/1.1
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
75408ada0a7482fb508e3b272017828e9c177db49e261a851491a4cc6e2dbb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
x-amz-version-id
OLD3XhjlM6VYotOBe3VZ3h3ipmq1r2_u
Content-Encoding
gzip
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.55.26
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-meta-tag
20231018_OnlineApi-13769_geo_country
Last-Modified
Wed, 18 Oct 2023 10:56:35 GMT
Server
nginx
ETag
W/"1f0309c787d9487cd05fc8bb359f3ffb"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Expires
Wed, 01 Nov 2023 12:12:14 GMT
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuMTE3IFNhZmFyaS81MzcuMzYiLCJyZWZlcnJlciI6IiIsInBhdGgiOiIvdmlldy5waHAiLCJjaGFyc2V0IjoidXRmLTgiLCJsYW5ndWFnZSI6ImVuLXVzIiwiY29sb3IiOiIyNC1iaXQiLCJ0aXRsZSI6Ilwi66eM7Yq465+tLCDigJjrqaTrsoTsi60g7Yq466CI7J2064ud4oCZIOyEseujjOKApuyehOyngeybkMK37YyM7Yq464SIIO2ZnOuPmSDrsJXssKhcIi0g7Zek65+065Oc6rK97KCcIiwidXJsIjoiaHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTYiLCJwbGF0Zm9ybSI6IldpbjMyIiwiaG9zdCI6Im5ld3MuaGVyYWxkY29ycC5jb20iLCJ0eXBlIjo5LCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwibWVkaWEiOiJiaXouaGVyYWxkY29ycC5jb20iLCJwb3Bpbl92ZXJzaW9uIjo4fQ==&t=1698837134191
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:14 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
NotoSansKR-Medium.woff2
res.heraldm.com/font_new/ 		1000 KB
1000 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/NotoSansKR-Medium.woff2
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
aafab1bbf1bf73a07d3b212ac5da4160e56ec9b19fdddf7a806a439971cb4f14

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
Last-Modified
Wed, 24 Oct 2018 01:46:59 GMT
ETag
"5bcfcf13:f9f9c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1023900
NotoSansKR-Light.woff2
res.heraldm.com/font_new/ 		905 KB
905 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/NotoSansKR-Light.woff2
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
60d58ffbf8b94c22edb21593cc457f9e798e6c27c9e9f510704b99b146f340d5

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
Last-Modified
Wed, 24 Oct 2018 01:46:59 GMT
ETag
"5bcfcf13:e2284"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
926340
td_js_sdk_171.js
api.popin.cc/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol
HTTP/1.1
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:14 GMT
x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.44
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Wed, 01 Nov 2023 12:12:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3021 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/xgvk2qz7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
309c1650bdcb84145f7e6eea1384ae9907df6fc9aab95bfe5035a06691f09dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29896
x-xss-protection
0
server
cafe
etag
180 / 19662 / 31079290 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:12:14 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ Frame 3021 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
71153
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135432
x-xss-protection
0
server
cafe
etag
13870563710225165476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Oct 2024 15:26:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3021 		35 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2015922189954243&correlator=3226948498424516&eid=31079299%2C31079300%2C31079302%2C31079290&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=136386782%3A3503216%2CDS%2CGPT_bizheraldcorp_pc_160X600_left_wing&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=adex.ednplus.com&abxe=1&dt=1698837134991&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=160&ish=600&scr_x=-12245933&scr_y=-12245933&ucis=3w1f68y1dx3l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Fbiz.heraldcorp.com&loc=https%3A%2F%2Fadex.ednplus.com%2Fxc%2Fh%2Fxgvk2qz7&top=news.heraldcorp.com&vis=1&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1193294210.1698837135&ga_sid=1698837135&ga_hid=772158937&ga_fc=false&dlt=1698837134788&idt=187&adks=2345984318&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ccbf5fcf9846451abf076ab897c6a6878c1d7b967458849bf0762390beae2a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14370
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adex.ednplus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:15 GMT
expires
Thu, 31 Oct 2024 11:12:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3021 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d9d5fd8c6a3b2aa95e0ebf078876765de3289ed163cdccb85a2b556ae28f5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11964
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3021 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 11:12:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B48F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 10:01:10 GMT
expires
Thu, 31 Oct 2024 10:01:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 88DF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
252c1b07eceb9a25713aefcc3ae1524479d773298727f6dadfc076ae77159b16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BUj4Q-cFt_KvHYGpLQLyxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BUj4Q-cFt_KvHYGpLQLyxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:15 GMT
expires
Wed, 01 Nov 2023 11:12:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame B48F 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:11:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
14434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 07:11:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 88DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310260101&jk=2015922189954243&rc=
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
container.html
d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA7B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:15 GMT
expires
Thu, 31 Oct 2024 11:12:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 98D6 		198 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Requested by
Host: d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
906af9ac8c0a4d5c8598df60352e933fb2442ff3fae05e4c03b99c7cf0d1d765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:14 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vBQRSBtHU8SFIeDX31tON_cNDG9eNmdsIvamh0PRHDuyVgPXOmgIE7sr9c421r-HRD7KUoQNtcvk-GcXMrqmI1zSyj9O_ftVw7uPPCmyK-TDpGsRUu4K00BJcjI4233_KEZDgk8Sru61cQgy7jAfrjiqBPhMztTMDyahhQizdr7901yEupWKR50_a53ki7-9JGXl8IdNUiQSMA2SEPiIyz1fZSY_K9q6qzMI5H-6nbCFCFCNGNHxcnR_1cM"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
66963530
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/ Frame DA7B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/window_focus_fy2021.js
Requested by
Host: d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 09:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
5143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 09:46:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/ Frame DA7B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:24:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DA7B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
448686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DA7B 		188 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:12:15 GMT
generate_204
tpc.googlesyndication.com/ Frame B48F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?T0mdMg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame DA7B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
564d9e49b27b1120b5d93268af28638604f37eca11f0d1cf9211777919d38fbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 98D6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 11:12:15 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 98D6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 11:12:15 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 98D6 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 26 Oct 2024 11:12:15 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 98D6 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 26 Oct 2024 11:12:15 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 98D6 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ez6TcMSI-i1nJhP3PEWh_c75GS4nObWmMSaIUcQilNIMnaPN_qmxs1XypIG3FWdNyHG_nZU3ZJo-0qKZoGCAFikb_zPILElb_kxF4RCm8HatrsmfvcXFgLRPpodJk2_Uyvjl8PxVH6h_o4lmdPSii4XOLMJhRPEE7iGHeF_AFSv-JDFU0nXhAgNFzvcBGoToAr72iuKXtWlHPX2h7fd3vw5YbhuksPywwmexThbp2DfqI8sxH8Tp6uO4hsTRFZC4EXl6PFo6skVS9M-_sHF32hGaJgXyAVoD35pkGMc4RUsdTD5Nq7AY0zicDfX8MDN2v7DRAHw9suxKJluU4ITras9wCCwKZSE6grmrfgPCVGq5ILZLYLk6cUkv4Vkq3pcdDyghxHltOWRVpGFr1GsPQ_LqF_TX0rs0ZQlQXbTnaD93WXHw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2969204
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 98D6 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 11:12:15 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=108&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2F2c4eb29de8c6449488ed17ce2fbf25d3_kare-spassamwohnen-2020-clean-rgb.jpg&v=3&w=316&rid=4&s=3R3k6VCp-rz7KrDInf-LkLTf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cdf055ab24215b4a4805c4bcae0a1e96f842fd68a896768b1375f31c5d53e7b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3552
expires
Fri, 18 Oct 2024 12:21:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2Fafa2118245bd45bd812bd6a81384c2ec_2023-09-native-ads-strong-man-500x500px.jpg&v=3&w=1200&rid=4&s=FSxu647mXhi_QLqqPCIuEA0O
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3843916525b5b6f769012a333e373c24b26b7c74277139590d0694b9338db772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
31460
expires
Fri, 18 Oct 2024 12:21:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F4ac45bfb288e37e9a2ee03853f99686a10e9253c.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=cvxFYoxVbg970lR2ICH8Rm6E&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d464202e33f58e38635d41e9f2a119bb8ffa4e4e191b87c0238ea38e2c944e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4416
expires
Fri, 04 Oct 2024 12:37:34 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fc1ace0e56cf7ca2722f6c8efefa2a1b535d2b088.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=ZUdgMU8ajIa1VseMKy16Ku5d&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f280711898dd279348bbdf0fd10d7b22f9d0de316a5597b9cb4e1d8c86c5d3b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6266
expires
Wed, 02 Oct 2024 15:00:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F96ef1d0227b5dc1fad750d7a833111304a2330f5.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=fTpeG_XQrY4aXs0JilC2KEOy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a69814422f09965b432159047a2410f304c3321755c9d91f5bc69cccbd5db325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4304
expires
Wed, 02 Oct 2024 04:51:21 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F6976dcee15385139315889fe805f0d441fa3a5f2.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=-XhRj_ajtyPyCHHMVs-DtqFi&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
13db015e79b51c28d05bb150c746e08dfbd6590c24f9769609d51925e88e6812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
38208
expires
Thu, 03 Oct 2024 13:21:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fa130c5d7fa8dffc72f7c6bbde2420064b2e3cac0.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=Rx3gGFxyPrRzCB8oXDvkFGdy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c121271299d3fcb7544cd07b6fdc800c434624558dade4763692ebdfa8957170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
29038
expires
Wed, 02 Oct 2024 08:31:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 98D6 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F1a88657e919dafcd8e838424230b47d8243b2b75.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=dxFyV_17TY1gaGM_j7fUeNZr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6b166cca7a09fec1c6acd8036357bbc0de385df954f06120e7135bb0d6108baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
14042
expires
Fri, 04 Oct 2024 11:00:39 GMT
all
csm.eu.criteo.net/ Frame 98D6 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vBQRSBtHU8SFIeDX31tON_cNDG9eNmdsIvamh0PRHDuyVgPXOmgIE7sr9c421r-HRD7KUoQNtcvk-GcXMrqmI1zSyj9O_ftVw7uPPCmyK-TDpGsRUu4K00BJcjI4233_KEZDgk8Sru61cQgy7jAfrjiqBPhMztTMDyahhQizdr7901yEupWKR50_a53ki7-9JGXl8IdNUiQSMA2SEPiIyz1fZSY_K9q6qzMI5H-6nbCFCFCNGNHxcnR_1cM&sds=2&rev=89121&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 11:12:14 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 98D6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 11:12:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 98D6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 11:12:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DA7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cp0_cjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTCAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM2pSkHU-jtWcng_kBi0d0DmkzgEIGhOe11CvU2Cn6GRVsXBXsb_6_gBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDcwNzAzNjQzMDI4NzU0NBj21CE&sigh=LIAjDWu06vM&uach_m=%5BUACH%5D&cid=CAQSGwDICaaN__rv211gRBFYbwFF-p9ng8Gmvo1mLRgB&cbvp=2&vis=1
Requested by
Host: d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame DA7B 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kMHZGMY1oAHYBJ2DYgICAAAAYHLdFGSvEGMQjjJCZTD-xaxB_BsLaA0AABIAAAoKQVFVQkFRRUJBUQ&wp=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&cbvp=2
Requested by
Host: d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:15 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
183654
server
Kestrel
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3021 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310260101&jk=2015922189954243&bg=!HB-lH1DNAAbo5yKYyOc7ADQBe5WfOLHePp4uOFsNNA9_8CvP351rRmSIA1i3LAut90FaIUtH9tqOely2e6xREHx-dQMpAgAAAIVSAAAACmgBBwoADWAKP6AczJye2E4J_sWZAtG08UWgcRrJK8B64XV312Od6k2gE7Q-F6tkd0mJD0kE94v0rI0oEYeinxH5gClXDr6m4eG6TVzGyiVWBQzcx415W3sIb27QBGj3Aeo4Nj_rdSQfLu_P2lFZGotVt7Fz9Km1hUj56xyrxF7oHE5pWIcjtUTecxFhm21uKt6NwRxxhv0ZtazUFlOe0AUShQLFSWhHiLlHGx3zjmu0fM3lEJDwCb9WdV7Tw8mv2Sqw0bxJieFs7oXLbQvhKJuLQRvwYcS2kQU4sDkndlBu8uK2rTyyYV-5EQ4eXMITinzh8PdvOfFmydI_8Ywhyp63Wvz_kMH2N80WM9b9sygcrjGsy2K3QtmA0rrLO2BhGfjvXfEHzieUrAGUKIb1yahNiPm_kwd37T0HA7C2GGeGeoijysChXPqplG-Fko2JcRq6hMMxDCRPWRHKIo34KCoKjNwobdfPX5K0lGk9-GCiScylzdjjMZ7jBStiqMnq535RnnHmefjGsQyH_gMTq0sf2nVRmRMnc-ns4le7buvGpr4LhQR8UcieJ6PEzvDccwUqkIMvDvX6mVI_xGoGnDNQt2z79Q00kR6lJ8njyH2LMFTAA7o80kcpZh_3yptI2DhKqRh06TzSxyGi-EAQkX1rdfd1AbktxellRyOMzS248FVeuq3-SkRp61-5hFCDMaJbLDM2AsELL2ludHG4pxjOs1dEGABYBKFl-8O1RkVuTepFE-SIcGpe0umK259s5USriO-3AqfCyqyFmZhDQaF2HkjHy4pXGIaglQr_hoee08TPTyV1_l5vZIZyYkCQYtO5rBYnPqopswF3rIM7csGMt0jDECgl2R3t4D31qyvX0DbmmmoEitzkjZnaXxMX4h0gHN2BMW1A1kJfXZfWZC5VmMYSgVIIgVdiHq8CztH6uaxXcOWlCq9SwFl9bMl7dAeu-G52ZWvtaz3xSLD1OsTo4nsayZga
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
837695
www.mediacategory.com/script/common/media/ 		354 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/script/common/media/837695
Requested by
Host: img.mobon.net
URL: http://img.mobon.net/js/common/HawkEyesMaker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
7ad03534894a5a798d689cce910ad729d7b0f3f795b01769d0a3d44989a02fe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:17 GMT
Connection
keep-alive
Content-Length
354
Content-Type
text/javascript
pelicanc.dll
ad.reople.co.kr/cgi-bin/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.reople.co.kr/cgi-bin/pelicanc.dll?impr&jquerycallback=jQuery111107691498385336244_1698837133496&pageid=0CsR&lang=utf-8&out=json&_=1698837133497
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6b7caecbdad1f733bf470045806750b5784c5531626abdd345a17da66cf1defe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
HB_sub_highlight_300
adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/ Frame 8781 		179 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
http://adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/HB_sub_highlight_300
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
110.93.135.40 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
nginx /
Resource Hash
1c19e4a0bafb314d29b5476582b39f9c48f7329f6d7ee7a7528e02e3f1c76bb2

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
text/html; charset="UTF-8"
Date
Wed, 01 Nov 2023 11:12:18 GMT
P3P
CP="CAO DSP CURa ADMa TAIa PSAa OUR LAW STPPHY ONL UNI PUR FIN COM NAV INT DEM STA PRE"
Server
nginx
Transfer-Encoding
chunked
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame 4FC8 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0aeef47c2d5f49942d70cb7e1212de296335ad3bd720d4853b97048963bc8674

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:17 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		490 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qW&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2fb62d05e44f9ec3b13e953ad5d4c3527585ecea07022cb9afdeec756930fccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:17 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		486 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qX&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e24a1ab93ad521971e950c93d7780fb7576abd602300acf820c20030f600ed7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:17 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		723 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qY&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5a96348f6c51c72019576802f825660a2febb4b1dfa25610631afa218aa1fd7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:17 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qZ&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
512cc3026ff6135240d851259a24d545aff12fed406197dc6f549845e086e161

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:17 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
MBSHandler.js
cdn.megadata.co.kr/js/media/1.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.megadata.co.kr/js/media/1.1/MBSHandler.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 May 2019 07:42:03 GMT
Server
Apache
ETag
"f4163a-25c6-587e2c51e28c0"
X-Cache-Status
EXPIRED, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
2552
HawkEyesMaker.js
img.mobon.net/js/common/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://img.mobon.net/js/common/HawkEyesMaker.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
29f390053f1aab9b5a7b83d7294c9e1b43e2eacc7869bcd801a190a04b736eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 01:46:55 GMT
Server
Apache
ETag
"f40b52-1b005-60405fc56eb5a"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
37474
Montserrat-Light.woff
res.heraldm.com/font_new/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/Montserrat-Light.woff
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
e0a93c553657f106f0c3fef50c552b0b0eaa93ad12d3add4db5c6e6cfa48647d

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:17 GMT
Last-Modified
Thu, 14 Mar 2019 08:35:17 GMT
ETag
"5c8a1245:d9b8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
55736
NotoSansKR-Regular.woff2
res.heraldm.com/font_new/ 		970 KB
970 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/NotoSansKR-Regular.woff2
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
b78ba9a9da795dc8e7b8cb0ccf7fbdb051625ea9e73d223e6c9462dfd82966c5

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:17 GMT
Last-Modified
Wed, 24 Oct 2018 01:46:59 GMT
ETag
"5bcfcf13:f274c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
993100
837688
www.mediacategory.com/script/common/media/ 		354 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/script/common/media/837688
Requested by
Host: img.mobon.net
URL: http://img.mobon.net/js/common/HawkEyesMaker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
1298217caeacd96042b0e6c68dd8732b67acdd015b29cb224d5feb4822a1c413

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:18 GMT
Connection
keep-alive
Content-Length
354
Content-Type
text/javascript
pc_right_6thumb1.html
ads.mncmedia.co.kr/mad/HERALDN/ 		245 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_6thumb1.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/5.2.17
Resource Hash
25af2d11b23dce7713b28880ca53672f22dece637fef3c918186d7f0d7eeb212

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/5.2.17
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
close
Content-Length
245
pc_right_6thumb2.html
ads.mncmedia.co.kr/mad/HERALDN/ 		243 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_6thumb2.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/5.2.17
Resource Hash
235930661c8b2c5e4266b42c5513d1ec3c89a95dc724dcc667596c136f11402f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:12 GMT
Server
Apache
X-Powered-By
PHP/5.2.17
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=100
Content-Length
243
pc_right_6thumb3.html
ads.mncmedia.co.kr/mad/HERALDN/ 		251 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_6thumb3.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/7.1.5
Resource Hash
13d59d707798611dea2b93c857117d34dc24e4a0ee65f74ccd55ad510f116e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/7.1.5
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=100
Content-Length
251
pc_right_6thumb4.html
ads.mncmedia.co.kr/mad/HERALDN/ 		250 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_6thumb4.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/7.1.5
Resource Hash
68b2ac7707eedb9ae88401d90b213ef8476028e6571f553ee267446b30c089fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/7.1.5
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=100
Content-Length
250
pc_right_6thumb5.html
ads.mncmedia.co.kr/mad/HERALDN/ 		243 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_6thumb5.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/5.2.17
Resource Hash
fa1ad7864a46469b8e3528bb0634d55e66317c717c4f56a95acb627bf0fb8efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/5.2.17
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=100
Content-Length
243
pc_right_6thumb6.html
ads.mncmedia.co.kr/mad/HERALDN/ 		249 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_6thumb6.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/7.1.5
Resource Hash
0dce97325752ec5dbd71d7cb5f0d0a35fecf9d62829e2abe964ebf218a32c4e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/7.1.5
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=100
Content-Length
249
PelicanC.dll
media.adpnut.com/cgi-bin/ Frame 33E6 		849 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2e868da2b3e69e48ae9e363a2b433bf66a9425eb81064e3c30379a594ed7dc5d

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:21 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qa&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
14b5308704b32d7851bdbfef07d3b75865345daed0c0baa9b050d2e2b0f0cd28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		757 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qb&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
609a925590f3e4ed4a4b72ecee5fd71534ae2a3fb712a7cf88eae809b1bee131

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
Montserrat-Medium.woff
res.heraldm.com/font_new/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/Montserrat-Medium.woff
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
ef05fb17b7a17a3a3babe8d829aeccf6120662f038816b9ba760bf380db96ed1

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:17 GMT
Last-Modified
Thu, 14 Mar 2019 08:35:17 GMT
ETag
"5c8a1245:e084"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
57476
666141
www.mediacategory.com/script/common/media/ 		354 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/script/common/media/666141
Requested by
Host: img.mobon.net
URL: http://img.mobon.net/js/common/HawkEyesMaker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
1298217caeacd96042b0e6c68dd8732b67acdd015b29cb224d5feb4822a1c413

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:18 GMT
Connection
keep-alive
Content-Length
354
Content-Type
text/javascript
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		708 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qc&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ef27dce070184c91dc78967fae3e0d2abe4e33aee447796b9ab665de40387a89

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
PelicanC.dll
ad.adinc.kr/cgi-bin/ 		501 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08qd&lang=utf-8&out=copy
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
989fe861c731c208e4a289847fd015a075381a6c2c4eb3ed899f9a0d22d67392

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:19 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
pc_right_5thumb1.html
ads.mncmedia.co.kr/mad/HERALDN/ 		249 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_5thumb1.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/5.2.17
Resource Hash
6d0506e1c39f461bbc78a60be55f440be9a36cc4d9d1c458aeaf797c00df8932

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:12 GMT
Server
Apache
X-Powered-By
PHP/5.2.17
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=99
Content-Length
249
pc_right_5thumb2.html
ads.mncmedia.co.kr/mad/HERALDN/ 		243 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_5thumb2.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/7.1.5
Resource Hash
2d7ec3607ff3cc7c7b43fd82c849c7caabc1e49a814514066e5975bb5574f285

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/7.1.5
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=99
Content-Length
243
pc_right_5thumb3.html
ads.mncmedia.co.kr/mad/HERALDN/ 		249 B
512 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_5thumb3.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/7.1.5
Resource Hash
a8c0c3075009a1221cfcf4309d19e52f8a44ba96faa9ef19fceae79c70cb73e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/7.1.5
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=99
Content-Length
249
pc_right_5thumb4.html
ads.mncmedia.co.kr/mad/HERALDN/ 		249 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_5thumb4.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/5.2.17
Resource Hash
ca814dd3a726abb8a65314b7c4efabc2c7fa6b2f22eeb78b01116f5a098594d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/5.2.17
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=99
Content-Length
249
pc_right_5thumb5.html
ads.mncmedia.co.kr/mad/HERALDN/ 		252 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.mncmedia.co.kr/mad/HERALDN/pc_right_5thumb5.html
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
39.127.249.22 , Korea, Republic Of, ASN23600 (GDNSKR-KR Korea Internet Security Agency, KR),
Reverse DNS
Software
Apache / PHP/7.1.5
Resource Hash
770d47e36d8bfa9f09df470b64b4beaa2c0b63eb9a6e08bdff77b93325c6f6eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
Apache
X-Powered-By
PHP/7.1.5
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=3, max=99
Content-Length
252
footer_sel.png
res.heraldm.com/nbiz_2020/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/nbiz_2020/images/footer_sel.png
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
450c459a78f98230f52cf564a2e748740d9e592937662a9dd6bfc4b18406caf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://res.heraldm.com/nbiz_2020/css/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Last-Modified
Tue, 08 Dec 2020 07:16:50 GMT
ETag
"5fcf2862:68d"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1677
Expires
Sun, 05 Nov 2023 01:28:34 GMT
NotoSansKR-Thin.woff2
res.heraldm.com/font_new/ 		754 KB
755 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/NotoSansKR-Thin.woff2
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
d8fca9a6ad43d6ff6926bf2e6355dfa048d6af909a08c31d3f0c110a0dc9b7ca

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:17 GMT
Last-Modified
Wed, 24 Oct 2018 01:46:59 GMT
ETag
"5bcfcf13:bc9d0"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
772560
b
wcs.naver.com/ 		0
633 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://wcs.naver.com/b
Requested by
Host: wcs.naver.net
URL: http://wcs.naver.net/wcslog.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.89.167.46 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
wcs /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://news.heraldcorp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:24 GMT
x-content-type-options
nosniff
server
wcs
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p
CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin
http://news.heraldcorp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Tue, 01 Jan 1980 09:00:00 GMT
acecounter_V2022.js
res.heraldm.com/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/js/acecounter_V2022.js
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
6a12290318101668afbfb470e1150ee6b47bedd2da25c7b2c078c7ec6752fc8d

Request headers

Referer
http://news.heraldcorp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 01 Nov 2023 11:12:17 GMT
Last-Modified
Fri, 26 Nov 2021 01:28:27 GMT
ETag
"61a0383b:49a1"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
18849
Expires
Fri, 06 Oct 2023 02:28:34 GMT
/
acelogger.heraldcorp.com/ 		0
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://acelogger.heraldcorp.com/?cookie
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
110.93.135.40 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:20 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://acecounter.com/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Expires
Mon, 01 Jan 2002 00:00:00 GMT
reset.css
res.heraldm.com/nbiz_2020/css/ Frame 4FC8 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.heraldm.com/nbiz_2020/css/reset.css?pp=20201229091652
Requested by
Host: ad.adinc.kr
URL: http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.31.34.229 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
fed55fed1498e4a617d2335a3df309ff760d90747300cf29a60526d43c7b9906

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:18 GMT
last-modified
Thu, 07 Jan 2021 02:37:29 GMT
etag
"5ff673e9:1eec"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
7916
expires
Fri, 06 Oct 2023 02:28:36 GMT
common.css
res.heraldm.com/nbiz_2020/css/ Frame 4FC8 		137 KB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.heraldm.com/nbiz_2020/css/common.css?pp=20201229101825
Requested by
Host: ad.adinc.kr
URL: http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.31.34.229 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
aa1b1f126848501aaafcc8a3b57c09394082069e64a82e7d621812eb211fa829

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:18 GMT
last-modified
Wed, 09 Aug 2023 06:09:51 GMT
etag
"64d32daf:223b1"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
140209
expires
Fri, 06 Oct 2023 02:28:36 GMT
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame 4FC8 		602 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hS&out=script
Requested by
Host: ad.adinc.kr
URL: http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ddbaa30474a0dd8dcae3f15cf0911c9077e1bdd6de7ab8b0481ab95697573680

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame 4FC8 		760 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hT&out=script
Requested by
Host: ad.adinc.kr
URL: http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
64af25e95b887300c56cdec9b73b7db3ed010c394fe596c4a53cdf980e9b33d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:18 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
tend.js
js.ad4989.co.kr/common/js/ Frame 4FC8 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: ad.adinc.kr
URL: http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Protocol
HTTP/1.1
Server
1.224.180.63 Yuseong-gu, Korea, Republic Of, ASN45370 (BROADBANDIDC-AS-KR BROADBANDIDC, KR),
Reverse DNS
Software
/
Resource Hash
28111c7575694f5e2a43dcb834714358e67fe91c05572c6f28b64ce176042561

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 07:20:32 GMT
ETag
"616fc340:1aea"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6890
1684378016866.jpg
cdn14.ad4989.co.kr/03RW/0L0U/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn14.ad4989.co.kr/03RW/0L0U/1684378016866.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
58.151.94.210 Gwangmyeong, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx /
Resource Hash
3e304d1e70ca6d8b0ddef0f8876e30071b1ce10090ec46c421c0a6bd8a9f26ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:20 GMT
Date
Wed, 01 Nov 2023 11:12:20 GMT
Last-Modified
Wed, 01 Nov 2023 03:27:45 GMT
Server
nginx
ETag
"6541c5b1-b281"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
45697
X-Proxy-Cache
HIT
1698819298875.gif
cdn1.ad4989.co.kr/03_n6/0L_j5/ 		494 KB
494 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn1.ad4989.co.kr/03_n6/0L_j5/1698819298875.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
27.102.220.22 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
DaouIDC /
Resource Hash
510a2db0bbb9effa3b2f00a2adb1b782c9b64775352faf4b64a7fd1ce1eb026c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:25 GMT
Last-Modified
Wed, 01 Nov 2023 06:17:49 GMT
Server
DaouIDC
Connection
close
Accept-Ranges
bytes
Content-Length
505812
Content-Type
image/gif
1698803775261.jpg
cdn2.ad4989.co.kr/03_n3/0L_j1/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn2.ad4989.co.kr/03_n3/0L_j1/1698803775261.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
139.150.249.152 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
da89e7bc599b6f9cfccaf006d63215a7ec23f07e9a9128596aaebad1587dd528

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:23 GMT
Last-Modified
Wed, 01 Nov 2023 01:59:05 GMT
Server
nginx/1.14.1
ETag
"6541b0e9:1a2fc"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
107260
1668482265929.jpg
cdn8.ad4989.co.kr/01Y_g/0LT_k/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn8.ad4989.co.kr/01Y_g/0LT_k/1668482265929.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
125.141.213.35 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
18e27e94e153c92c616cd76dd68cf060fe052aa24a20a1302082775cf54f5fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:20 GMT
Last-Modified
Tue, 28 Feb 2023 05:18:13 GMT
Server
nginx/1.14.1
Age
0
ETag
"63fd8e95:bfa4"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
49060
1680680204325.jpg
cdn3.ad4989.co.kr/01IT/0KZO/ 		288 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn3.ad4989.co.kr/01IT/0KZO/1680680204325.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
ff62dc9f8def2033a0fa233f572f9c6682f7c1e5c9dced2587bd2e402f7d91b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Fri, 27 Oct 2023 06:29:55 GMT
ETag
"653b58e3:47edd"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
294621
1668482265934.jpg
cdn7.ad4989.co.kr/01Y_g/0LT_k/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn7.ad4989.co.kr/01Y_g/0LT_k/1668482265934.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
211.110.12.12 Mapo-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
BBIDC /
Resource Hash
18e27e94e153c92c616cd76dd68cf060fe052aa24a20a1302082775cf54f5fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:21 GMT
Last-Modified
Tue, 28 Feb 2023 05:18:13 GMT
Server
BBIDC
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49060
1697096165445.gif
cdn10.ad4989.co.kr/03_m_i/0L_iH/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn10.ad4989.co.kr/03_m_i/0L_iH/1697096165445.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
220.117.190.150 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
57b88d9e98b94d83948c81824faabe0d6936fd0af24ae04cd895d4f2630dfada

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:20 GMT
Date
Wed, 01 Nov 2023 11:12:20 GMT
Last-Modified
Thu, 26 Oct 2023 07:16:20 GMT
Server
nginx
ETag
"653a1244-8973"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
35187
X-Proxy-Cache
HIT
1698713311926.jpg
cdn11.ad4989.co.kr/03_j_e/0L_b2/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn11.ad4989.co.kr/03_j_e/0L_b2/1698713311926.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
1.237.47.65 Yongin-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
nginx /
Resource Hash
f87d75dccc5755a86f3e67905f666ede093a3952c4c75aa6717f29d8deb29850

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:21 GMT
Date
Wed, 01 Nov 2023 11:12:21 GMT
Last-Modified
Tue, 31 Oct 2023 00:48:49 GMT
Server
nginx
ETag
"65404ef1-5af1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
23281
X-Proxy-Cache
HIT
1694150789278.png
cdn13.ad4989.co.kr/03_m_b/0L_g_a/ 		264 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn13.ad4989.co.kr/03_m_b/0L_g_a/1694150789278.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
211.226.25.220 Yongin-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
a68ba82216f79ac8e786cf125e92fc25fd7457b6949271afce698badefbc9f11

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:22 GMT
Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Tue, 10 Oct 2023 05:09:32 GMT
Server
nginx
ETag
"6524dc8c-421a8"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
270760
X-Proxy-Cache
HIT
1698819298917.gif
cdn14.ad4989.co.kr/03_n6/0L_j5/ 		494 KB
494 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn14.ad4989.co.kr/03_n6/0L_j5/1698819298917.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
58.151.94.210 Gwangmyeong, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx /
Resource Hash
510a2db0bbb9effa3b2f00a2adb1b782c9b64775352faf4b64a7fd1ce1eb026c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:21 GMT
Date
Wed, 01 Nov 2023 11:12:21 GMT
Last-Modified
Wed, 01 Nov 2023 06:17:49 GMT
Server
nginx
ETag
"6541ed8d-7b7d4"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
505812
X-Proxy-Cache
HIT
NotoSansKR-Bold.woff2
res.heraldm.com/font_new/ 		1 MB
1 MB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/NotoSansKR-Bold.woff2
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
735c1487dd2d6798ac4bd8220a4df616d2745a80c981398783f195e9f5c5e269

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:18 GMT
Last-Modified
Wed, 24 Oct 2018 01:46:59 GMT
ETag
"5bcfcf13:101678"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1054328
/
acelogger.heraldcorp.com/ 		95 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://acelogger.heraldcorp.com/?uid=010100000000&sv=AMZ2009090102&FCV=&url=news.heraldcorp.com/view.php%3Fud%3D20230803000456&ref=bookmark&cpu=unknown&bz=Chrome&bv=118.0&os=Windows%20NT&dim=1600*1200&cd=24&je=0&jv=12&tz=4&ul=en-us&ad_key=ud%3D20230803000456&skey=&age=0&gender=unknown&marry=unknown&join=&member_key=&jid=&udf1=&udf2=&udf3=&amt=0&frwd=&pd=2023-08-03%2013%3A52%3A19&ct=&ll=&ks=K&title=%uB9CC%uD2B8%uB7ED%2C%20%u2018%uBA64%uBC84%uC2ED%20%uD2B8%uB808%uC774%uB2DD%u2019%20%uC131%uB8CC%u2026%uC784%uC9C1%uC6D0%B7%uD30C%uD2B8%uB108%20%uD65C%uB3D9%20%uBC15%uCC28&aid=20230803000456&aname=%uAE40%uC131%uC6B0&atype=%uB274%uC2A4&RID=0.973120017230034&
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
110.93.135.40 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
nginx /
Resource Hash
172e4e1fca052a61b5d95ba3b321c1f748fbd0aa08ec5914391abef89ee9f3cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:20 GMT
Last-Modified
Thu, 16 Aug 2007 08:58:46 GMT
Server
nginx
ETag
"1698837141337225757-c0a8649d"
Transfer-Encoding
chunked
P3P
policyref="http://acecounter.com/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Content-Type
image/png
Connection
close
logger.lgr
hlogger.heraldcorp.com/logger/ 		3 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hlogger.heraldcorp.com/logger/logger.lgr?&gid=20230803000456&gtype=150&title=%EB%A7%8C%ED%8A%B8%EB%9F%AD%2C%20%26lsquo%3B%EB%A9%A4%EB%B2%84%EC%8B%AD%20%ED%8A%B8%EB%A0%88%EC%9D%B4%EB%8B%9D%26rsquo%3B%20%EC%84%B1%EB%A3%8C%26hellip%3B%EC%9E%84%EC%A7%81%EC%9B%90%26middot%3B%ED%8C%8C%ED%8A%B8%EB%84%88%20%ED%99%9C%EB%8F%99%20%EB%B0%95%EC%B0%A8&referer_url=&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&user_ip=81.95.5.35&cookie_value=1698837138&resolution=1600x1200&hostname=news.heraldcorp.com&protocol=http:
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
110.93.143.86 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
nginx/1.20.1 / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
Date
Wed, 01 Nov 2023 11:12:21 GMT
Server
nginx/1.20.1
Connection
keep-alive
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
tend.js
js.ad4989.co.kr/common/js/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: ad.adinc.kr
URL: http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08jP&out=script
Protocol
HTTP/1.1
Server
1.224.180.63 Yuseong-gu, Korea, Republic Of, ASN45370 (BROADBANDIDC-AS-KR BROADBANDIDC, KR),
Reverse DNS
Software
/
Resource Hash
1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 07:20:32 GMT
ETag
"616fc340:1aea"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6890
view.php
news.heraldcorp.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news.heraldcorp.com/view.php?ud=20230803000456
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
182.173.183.2 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/view.php?ud=20230803000456
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:18 GMT
ETag
"0:da8b"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
default_close.png
l.newslab.co.kr/icon/ 		762 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.newslab.co.kr/icon/default_close.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.108.158.198 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
NCE /
Resource Hash
c7b0ad786dc054fd743e8637f66376f93c341694b3c336d88a5a063f821bed9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
last-modified
Mon, 29 Mar 2021 08:45:02 GMT
server
NCE
etag
"f21b8f-2fa-5bea8e5c17f80"
content-type
image/png
access-control-allow-origin
*
x-nce-cacheresult
HIT
accept-ranges
bytes
content-length
762
index_newsticker_ajax.php
news.heraldcorp.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://news.heraldcorp.com/index_newsticker_ajax.php
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
182.173.183.2 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
nginx /
Resource Hash
c6827d67a772e01ddbfd109f34240505f05e4ccf454cd53c464f06835e4d5b4d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://news.heraldcorp.com/view.php?ud=20230803000456
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 11:12:17 GMT
Server
nginx
Connection
close
Transfer-Encoding
chunked
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
pelicanc.dll
ad.adinc.kr/cgi-bin/ 		600 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/pelicanc.dll?impr&jquerycallback=jQuery111107691498385336244_1698837133498&pageid=08jP&slot=1,0&lang=utf-8&out=json&_=1698837133499
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
be2f8c4c5b1e60ac194bca122d362942eff37605dbc7146ebc838c3392698b83

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:22 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
recommend
kr.popin.cc/popin_discovery/ 		37 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kr.popin.cc/popin_discovery/recommend?mode=new&url=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&media=biz.heraldcorp.com&agency=adinc&device=pc&extra=windows&topn=20&ad=10&uid=fc2cb3482c4162e0e331698833534665&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE4LjAuNTk5MyIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii92aWV3LnBocCIsInVzZXJfdGRfY2hhcnNldCI6InV0Zi04IiwidXNlcl90ZF9sYW5ndWFnZSI6ImVuLXVzIiwidXNlcl90ZF9jb2xvciI6IjI0LWJpdCIsInVzZXJfdGRfdGl0bGUiOiIlMjIlRUIlQTclOEMlRUQlOEElQjglRUIlOUYlQUQlMkMlMjAlRTIlODAlOTglRUIlQTklQTQlRUIlQjIlODQlRUMlOEIlQUQlMjAlRUQlOEElQjglRUIlQTAlODglRUMlOUQlQjQlRUIlOEIlOUQlRTIlODAlOTklMjAlRUMlODQlQjElRUIlQTMlOEMlRTIlODAlQTYlRUMlOUUlODQlRUMlQTclODElRUMlOUIlOTAlQzIlQjclRUQlOEMlOEMlRUQlOEElQjglRUIlODQlODglMjAlRUQlOTklOUMlRUIlOEYlOTklMjAlRUIlQjAlOTUlRUMlQjAlQTglMjItJTIwJUVEJTk3JUE0JUVCJTlGJUI0JUVCJTkzJTlDJUVBJUIyJUJEJUVDJUEwJTlDIiwidXNlcl90ZF91cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInVzZXJfdGRfcGxhdGZvcm0iOiJXaW4zMiIsInVzZXJfdGRfaG9zdCI6Im5ld3MuaGVyYWxkY29ycC5jb20iLCJ1c2VyX3RkX2RldmljZSI6InBjIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTY5ODgzNzEzNDY2OCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&r_category=all&country=kr&redirect=true&callback=popInRequestCallBack0
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.174 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
eaf5b77f5331d8ae99a406bcd3cc58afd0967997b3b2e6a322573bc627b6420f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Content-Encoding
gzip
Server
nginx/1.13.5
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWlkIjoiZmMyY2IzNDgyYzQxNjJlMGUzMzE2OTg4MzM1MzQ2NjUiLCJtZWRpYSI6ImJpei5oZXJhbGRjb3JwLmNvbSIsImRldmljZSI6InBjIiwidXJsIjoiaHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTYiLCJwb3Bpbl92ZXJzaW9uIjo4LCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE4LjAuNTk5MyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNiJ9&t=1698837138148
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:18 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJ1aWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsIm1lZGlhIjoiYml6LmhlcmFsZGNvcnAuY29tIiwiZGV2aWNlIjoicGMiLCJ1cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MCwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTguMC41OTkzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2IiwiZ2VvX2NvdW50cnkiOiJrciJ9&t=1698837138150
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:18 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adBanner
www.mediacategory.com/servlet/ Frame A047
Redirect Chain
  • http://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1
  • https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y
Requested by
Host: img.mobon.net
URL: http://img.mobon.net/js/common/HawkEyesMaker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
fdd72327e22ee7248d0072cc64b26cb12644d4dd510da710ce10e09dc4ba79df

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:18 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding

Redirect headers

Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Wed, 01 Nov 2023 11:12:18 GMT
Location
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y
Server
nginx
adBanner
www.mediacategory.com/servlet/ Frame 7608
Redirect Chain
  • http://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1
  • https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Requested by
Host: img.mobon.net
URL: http://img.mobon.net/js/common/HawkEyesMaker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
554e7f0d3808e1ce3adc7f95944e443e64d35b35c4621c3f5efdfa0eda50d864

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:18 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding

Redirect headers

Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Wed, 01 Nov 2023 11:12:18 GMT
Location
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Server
nginx
iadbn
www.mediacategory.com/servlet/ Frame EBA9
Redirect Chain
  • http://www.mediacategory.com/servlet/iadbn?from=&s=5788&psb=99
  • https://www.mediacategory.com/servlet/iadbn?from=&s=5788&psb=99&sslRedirect=Y
0
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/iadbn?from=&s=5788&psb=99&sslRedirect=Y
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 01 Nov 2023 11:12:18 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache

Redirect headers

Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Wed, 01 Nov 2023 11:12:18 GMT
Location
https://www.mediacategory.com/servlet/iadbn?from=&s=5788&psb=99&sslRedirect=Y
Server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame DA7B 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNM5CAK7NIHpen_Loju-c2acypA4lkJN6e6rHTWx4jkctnrMeVQZn3HLyVSFoO_aWnWO2qijmmrT_rIZ923dHMCkGpHIhqkXV_64g&sig=Cg0ArKJSzK7Q0t5vZh_kEAE&id=lidar2&mcvt=1004&p=0,0,600,160&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2345984318&rs=4&la=0&cr=0&vs=4&r=v&rst=1698837135319&rpt=160&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 98D6 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vBQRSBtHU8SFIeDX31tON_cNDG9eNmdsIvamh0PRHDuyVgPXOmgIE7sr9c421r-HRD7KUoQNtcvk-GcXMrqmI1zSyj9O_ftVw7uPPCmyK-TDpGsRUu4K00BJcjI4233_KEZDgk8Sru61cQgy7jAfrjiqBPhMztTMDyahhQizdr7901yEupWKR50_a53ki7-9JGXl8IdNUiQSMA2SEPiIyz1fZSY_K9q6qzMI5H-6nbCFCFCNGNHxcnR_1cM&sds=2&rev=89121&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 11:12:17 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
169537547667_24.png
mncimg.jpg2.kr/banner/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169537547667_24.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
23ce65cb8d9a3f11db99a969080a626e8374054d3fb533ed6c5e8f2f234d8872

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Last-Modified
Fri, 22 Sep 2023 09:38:03 GMT
Server
httpv2(13.12)
ETag
"650d607b-2f64"
Content-Type
image/png
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12132
Expires
Wed, 01 Nov 2023 11:17:19 GMT
169858994959_21.gif
mncimg.jpg2.kr/banner/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169858994959_21.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
d428c7ac629b28a8ad5dbb115fd7eb28e82c461190a8d15946279f3cd33133e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Last-Modified
Sun, 29 Oct 2023 14:32:30 GMT
Server
httpv2(13.12)
ETag
"653e6cfe-3230"
Content-Type
image/gif
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12848
Expires
Wed, 01 Nov 2023 11:17:19 GMT
adBanner
www.mediacategory.com/servlet/ Frame 48EE
Redirect Chain
  • http://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1
  • https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Requested by
Host: img.mobon.net
URL: http://img.mobon.net/js/common/HawkEyesMaker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
df2b77604e1765452d3f5a490f5bccb3b9e551776f4d02de4a1474e2325531d2

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:19 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding

Redirect headers

Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Wed, 01 Nov 2023 11:12:18 GMT
Location
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Server
nginx
169042187071_29.jpg
mncimg.jpg2.kr/banner/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169042187071_29.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
e620e7b947cf900fd1c95cbe0e810c7b2e5ae7991c2af25260a31328b24a99d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Last-Modified
Thu, 27 Jul 2023 01:37:57 GMT
Server
httpv2(13.12)
ETag
"64c1ca75-78d8"
Content-Type
image/jpeg
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30936
Expires
Wed, 01 Nov 2023 11:17:19 GMT
169162981763_37.jpeg
mncimg.jpg2.kr/banner/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169162981763_37.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
ed7cdf9848d354144f9d2c984c32194a896a8cabbc9e5118ba97a6af951d1408

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Last-Modified
Thu, 10 Aug 2023 01:10:18 GMT
Server
httpv2(13.12)
ETag
"64d438fa-2bf2"
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11250
169876901261_20.gif
mncimg.jpg2.kr/banner/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169876901261_20.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
6b8007125b42fe705375e8f1939e8ded49e7751bd82f7a6fa0aed0390c4f4ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:21 GMT
Last-Modified
Tue, 31 Oct 2023 16:16:52 GMT
Server
httpv2(13.12)
ETag
"65412874-5cc0"
Content-Type
image/gif
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23744
Expires
Wed, 01 Nov 2023 11:17:21 GMT
ad
dsp.mobwithad.com/v1/ Frame B598 		511 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
ab014815136a1e857de107009645c4ebca275f85814b1223a573da0c75e42ed4

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
169819649123_0.jpeg
mncimg.jpg2.kr/banner/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169819649123_0.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
ed7cdf9848d354144f9d2c984c32194a896a8cabbc9e5118ba97a6af951d1408

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:21 GMT
Last-Modified
Wed, 25 Oct 2023 01:14:53 GMT
Server
httpv2(13.12)
ETag
"65386c0d-2bf2"
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11250
1680680204302.jpg
cdn14.ad4989.co.kr/01IT/0KZO/ 		288 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn14.ad4989.co.kr/01IT/0KZO/1680680204302.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
58.151.94.210 Gwangmyeong, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx /
Resource Hash
ff62dc9f8def2033a0fa233f572f9c6682f7c1e5c9dced2587bd2e402f7d91b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:22 GMT
Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Fri, 27 Oct 2023 06:29:55 GMT
Server
nginx
ETag
"653b58e3-47edd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
294621
X-Proxy-Cache
HIT
1665022400859.gif
cdn2.ad4989.co.kr/03W4/0LR_d/ 		441 KB
441 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn2.ad4989.co.kr/03W4/0LR_d/1665022400859.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
139.150.249.152 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
91be2d5c256883932facae8c617d4f531a987842876ba4e0fb38ce3fe10eea7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:23 GMT
Last-Modified
Tue, 28 Feb 2023 08:00:40 GMT
Server
nginx/1.14.1
ETag
"63fdb4a8:6e35a"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
451418
1698803775238.jpg
cdn8.ad4989.co.kr/03_n3/0L_j1/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn8.ad4989.co.kr/03_n3/0L_j1/1698803775238.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
125.141.213.35 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
da89e7bc599b6f9cfccaf006d63215a7ec23f07e9a9128596aaebad1587dd528

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:21 GMT
Last-Modified
Wed, 01 Nov 2023 05:47:58 GMT
Server
nginx/1.14.1
Age
222
ETag
"6541e68e:1a2fc"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
107260
HB_sub_highlight_300
adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/ Frame 8781 		350 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
http://adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/HB_sub_highlight_300?__r=1
Requested by
Host: adw.heraldm.com
URL: http://adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/HB_sub_highlight_300
Protocol
HTTP/1.1
Server
110.93.135.40 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
nginx /
Resource Hash
30b32b2eca890c9857966e9759ec185c1fa8c030e0497f30b28232579d164b57

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/HB_sub_highlight_300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
text/html; charset="UTF-8"
Date
Wed, 01 Nov 2023 11:12:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
close
Transfer-Encoding
chunked
P3P
CP="CAO DSP CURa ADMa TAIa PSAa OUR LAW STPPHY ONL UNI PUR FIN COM NAV INT DEM STA PRE"
hbview.json
news.heraldcorp.com/common_xml/ad/ 		31 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://news.heraldcorp.com/common_xml/ad/hbview.json?pp=A_20231111200
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
182.173.183.2 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
0071dd9e2fed89ed36b3e3a064bfcc613047e812f48019df77b7dc0d5ccf56f6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://news.heraldcorp.com/view.php?ud=20230803000456
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Last-Modified
Wed, 01 Nov 2023 11:12:02 GMT
ETag
"65423282:7ac8"
Content-Type
application/json
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
31432
climate.css
res.heraldm.com/climate/ Frame 4FC8 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.heraldm.com/climate/climate.css
Requested by
Host: res.heraldm.com
URL: https://res.heraldm.com/nbiz_2020/css/common.css?pp=20201229101825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.31.34.229 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
0ce8bd18ed798bdf9488ed0610cedeccdd6611851c71c9b12bc88bb2ce388488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://res.heraldm.com/nbiz_2020/css/common.css?pp=20201229101825
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:19 GMT
last-modified
Mon, 10 Jul 2023 01:57:04 GMT
etag
"64ab6570:4cd"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
1229
expires
Fri, 06 Oct 2023 02:28:35 GMT
ad
dsp.mobwithad.com/v1/ Frame E060 		511 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9138&count=1&output=html&auid=d6a540b83c2070b4286bca7218b8a9503f2-2bf2&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837688%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
4f27d875a65b1882636a0737e717cdda578add27daaf281c06d9139fff2b2056

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
169819649123_1.jpeg
mncimg.jpg2.kr/banner/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169819649123_1.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
ed7cdf9848d354144f9d2c984c32194a896a8cabbc9e5118ba97a6af951d1408

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 25 Oct 2023 01:14:54 GMT
Server
httpv2(13.12)
ETag
"65386c0e-2bf2"
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11250
169858995016_23.gif
mncimg.jpg2.kr/banner/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169858995016_23.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
d428c7ac629b28a8ad5dbb115fd7eb28e82c461190a8d15946279f3cd33133e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Sun, 29 Oct 2023 14:32:30 GMT
Server
httpv2(13.12)
ETag
"653e6cfe-3230"
Content-Type
image/gif
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12848
Expires
Wed, 01 Nov 2023 11:17:22 GMT
169819649123_2.jpeg
mncimg.jpg2.kr/banner/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169819649123_2.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
ed7cdf9848d354144f9d2c984c32194a896a8cabbc9e5118ba97a6af951d1408

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 25 Oct 2023 01:14:54 GMT
Server
httpv2(13.12)
ETag
"65386c0e-2bf2"
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11250
169318149072_38.gif
mncimg.jpg2.kr/banner/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169318149072_38.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
cdf4be3a3602edd7ca1fc512a7fc2d39fd47952d6d801073dd66f250de56c509

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Mon, 28 Aug 2023 00:11:29 GMT
Server
httpv2(13.12)
ETag
"64ebe631-1fcd5"
Content-Type
image/gif
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
130261
Expires
Wed, 01 Nov 2023 11:17:22 GMT
169710615252_29.jpeg
mncimg.jpg2.kr/banner/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mncimg.jpg2.kr/banner/169710615252_29.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
14.129.167.86 , Korea, Republic Of, ASN9286 (KINXIDC-AS-KR KINX, KR),
Reverse DNS
Software
httpv2(13.12) /
Resource Hash
786a5e1f2a1beb765ded483ba651c9b6e4b01b1537473e11eff5bd84c4ce3a29

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Thu, 12 Oct 2023 10:22:32 GMT
Server
httpv2(13.12)
ETag
"6527c8e8-1493"
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5267
20230626_mousedoctor_%20300+150.png
res.heraldm.com/HeraldResource/doubleuad/biz/ Frame 8781 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://res.heraldm.com/HeraldResource/doubleuad/biz/20230626_mousedoctor_%20300+150.png
Requested by
Host: adw.heraldm.com
URL: http://adw.heraldm.com/cgi-bin/conad.fcgi/heraldbiz/HB_sub_highlight_300
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
84d523dac7e9663486d01e2fd0bd9f939b265b70b18337ef72ac3f3fc8b710f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://adw.heraldm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:19 GMT
Last-Modified
Mon, 26 Jun 2023 00:29:10 GMT
ETag
"6498dbd6:4cf2"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
19698
Expires
Sun, 05 Nov 2023 01:28:34 GMT
Montserrat-Light.woff
res.heraldm.com/font_new/ Frame 4FC8 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res.heraldm.com/font_new/Montserrat-Light.woff
Requested by
Host: res.heraldm.com
URL: https://res.heraldm.com/nbiz_2020/css/common.css?pp=20201229101825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.31.34.229 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
e0a93c553657f106f0c3fef50c552b0b0eaa93ad12d3add4db5c6e6cfa48647d

Request headers

Referer
https://res.heraldm.com/nbiz_2020/css/common.css?pp=20201229101825
Origin
http://ad.adinc.kr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 11:12:19 GMT
last-modified
Thu, 14 Mar 2019 08:35:17 GMT
accept-ranges
bytes
etag
"5c8a1245:d9b8"
content-length
55736
content-type
application/font-woff
1670378445169.gif
cdn3.ad4989.co.kr/03_iJ/0LUH/ 		429 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn3.ad4989.co.kr/03_iJ/0LUH/1670378445169.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
336119c566bd688102807661782c7af17372f777ff822108d6a97782c75b90b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Mon, 12 Dec 2022 04:48:20 GMT
ETag
"6396b294:6b4b6"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
439478
1698819298640.gif
cdn7.ad4989.co.kr/03_n6/0L_j5/ 		494 KB
494 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn7.ad4989.co.kr/03_n6/0L_j5/1698819298640.gif
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
211.110.12.12 Mapo-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
BBIDC /
Resource Hash
510a2db0bbb9effa3b2f00a2adb1b782c9b64775352faf4b64a7fd1ce1eb026c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 01 Nov 2023 06:17:48 GMT
Server
BBIDC
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
505812
ad
dsp.mobwithad.com/v1/ Frame 1421 		511 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=8822&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D666141%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
a1fc1c5315f60ab9637f05f02ecee94a35373eeb0fd9b1f100a43f3d4c47c391

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?from=&location=http%3A//news.heraldcorp.com/view.php%3Fud%3D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:18 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 6FFA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
8afac2f59a6fae2fdc598b65283b254c5dc5346663ed97f5fe889bd5727b746b

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:20 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
adBanner
www.mediacategory.com/servlet/ Frame EC2E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9138&count=1&output=html&auid=d6a540b83c2070b4286bca7218b8a9503f2-2bf2&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837688%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
6fa53de8f2ffa90efcf1897cd7a7765a3b5d566a8210853a19b051c661f5e3b9

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:19 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
adBanner
www.mediacategory.com/servlet/ Frame C594 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=8822&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D666141%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
d3028f66d759cbe51e353b8ac52e151580f3a2cb88426b79f65641bd2cdce9e1

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:19 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 6FFA 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:20 GMT
publishertag.js
static.criteo.net/js/ld/ Frame EC2E 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:20 GMT
cdb
bidder.criteo.com/ Frame EC2E 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&cb=17143569724
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 6254 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:19 GMT
server
Kestrel
server-processing-duration-in-ticks
318257
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 6FFA 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&cb=29583770128
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 324D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:20 GMT
server
Kestrel
server-processing-duration-in-ticks
330980
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 324D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=0&topUrl=news.heraldcorp.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=kwVmBXxJZHRhalB5WHp4R1JzeGc5a2FCYW9ZQVA3QnIra0VMUVFKQU1HSnJZMDVZWUQxTnMyTk1DQXAwWlFDZkpLUE5xeEhqVExmMldWSUdMRXhWc0NhUnZVZFFCUG5wRjhJS0hMMWxkV2tJZzFGSk4yY2xnSXFEcDhYZk...
433 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kwVmBXxJZHRhalB5WHp4R1JzeGc5a2FCYW9ZQVA3QnIra0VMUVFKQU1HSnJZMDVZWUQxTnMyTk1DQXAwWlFDZkpLUE5xeEhqVExmMldWSUdMRXhWc0NhUnZVZFFCUG5wRjhJS0hMMWxkV2tJZzFGSk4yY2xnSXFEcDhYZkdIU1JKVE5Ca0taUkZ5Skt3ajFDVEVKWmFHa1M2M0JkalBJd0pobXBwcklkdzd3VVVkK2xmcVZ2bzBWVGZqRzlaa0hyaWZaSzNKNnZiMWFYbHB4bnR1N3phOWVsSm1mK1pmQzFJYXJGSklpVUpWU21kbTA3TWhJeUQxNGpMSjh4T21YdzBDcEEzMEJQWmFITDhIQ25EY0N3MGNSZVo1ME9oN01lc3J3UGxUZWdMaHFtTlFHdz18&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e48a2214bba7341743419b9bda526f1a4214f2f63a9c330d78a7eb43378d2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1385685
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kwVmBXxJZHRhalB5WHp4R1JzeGc5a2FCYW9ZQVA3QnIra0VMUVFKQU1HSnJZMDVZWUQxTnMyTk1DQXAwWlFDZkpLUE5xeEhqVExmMldWSUdMRXhWc0NhUnZVZFFCUG5wRjhJS0hMMWxkV2tJZzFGSk4yY2xnSXFEcDhYZkdIU1JKVE5Ca0taUkZ5Skt3ajFDVEVKWmFHa1M2M0JkalBJd0pobXBwcklkdzd3VVVkK2xmcVZ2bzBWVGZqRzlaa0hyaWZaSzNKNnZiMWFYbHB4bnR1N3phOWVsSm1mK1pmQzFJYXJGSklpVUpWU21kbTA3TWhJeUQxNGpMSjh4T21YdzBDcEEzMEJQWmFITDhIQ25EY0N3MGNSZVo1ME9oN01lc3J3UGxUZWdMaHFtTlFHdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
409136
content-length
0
expires
0
adBanner
www.mediacategory.com/servlet/ Frame 99EA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
3ff2dd2a4a612a1f2b87d7c75edf5b1fe2523fdf3af0b3b311c8f0652f375d5c

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:20 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 6FFA 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 6FFA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:20 GMT
pixel.gif
static.criteo.net/images/ Frame 6FFA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3497&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:20 GMT
sid
mug.criteo.com/ Frame 6254
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=0&topUrl=news.heraldcorp.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=UOndzXx2Z3JCWU1SMktXclRMTDNkdGtBdGVoNGN0ZEpFelpJbTJyK2RlcVpXeEVsMTVWMFhWOVlKMDJZWDF6WmVlc1NHcjBHRGlQQjBxbzFqQk9EWGFQT0VpNHo3a2dwOVNRU3lwUmlFZEFPSGhwL1g5U0lXTkFreDhtcX...
438 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UOndzXx2Z3JCWU1SMktXclRMTDNkdGtBdGVoNGN0ZEpFelpJbTJyK2RlcVpXeEVsMTVWMFhWOVlKMDJZWDF6WmVlc1NHcjBHRGlQQjBxbzFqQk9EWGFQT0VpNHo3a2dwOVNRU3lwUmlFZEFPSGhwL1g5U0lXTkFreDhtcXRSQ0lKWjRlKzBSQ2RFV21NZjlIYzBsQ2NDbm5hYmhPdzF4L09mNTZCT3pkZTdRbXJVOTAzZDFjMk14Z1NaZDZldTdRZ2V5VW10QVQrZGI4TzdvNHRYZG1PZ1FqNWw3L04vQTFPZmtMRWh3Qm1kUUJobjJJM2l4SlNwSkswaklZZWRnWnN6TXBmc2pMMnNoMTdSb1B5bWNUZFp5bjgxNUQ0Y1lMb3pIQkVxV20zSzB5SnlBUT18&cppv=2
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f55cecd6f14f56211192a2a9e89689e16d2899ec397b9d66cc6d880fe560a1da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
723472
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=UOndzXx2Z3JCWU1SMktXclRMTDNkdGtBdGVoNGN0ZEpFelpJbTJyK2RlcVpXeEVsMTVWMFhWOVlKMDJZWDF6WmVlc1NHcjBHRGlQQjBxbzFqQk9EWGFQT0VpNHo3a2dwOVNRU3lwUmlFZEFPSGhwL1g5U0lXTkFreDhtcXRSQ0lKWjRlKzBSQ2RFV21NZjlIYzBsQ2NDbm5hYmhPdzF4L09mNTZCT3pkZTdRbXJVOTAzZDFjMk14Z1NaZDZldTdRZ2V5VW10QVQrZGI4TzdvNHRYZG1PZ1FqNWw3L04vQTFPZmtMRWh3Qm1kUUJobjJJM2l4SlNwSkswaklZZWRnWnN6TXBmc2pMMnNoMTdSb1B5bWNUZFp5bjgxNUQ0Y1lMb3pIQkVxV20zSzB5SnlBUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
295220
content-length
0
expires
0
pixel.gif
static.criteo.net/images/ Frame EC2E 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:20 GMT
pixel.gif
static.criteo.net/images/ Frame EC2E 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:20 GMT
adBanner
www.mediacategory.com/servlet/ Frame 87CE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
145e857fe86409dd6cdb0881658247c54e3ad1f593c1e882157a034e518ab6b2

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:20 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame EC2E 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
publishertag.js
static.criteo.net/js/ld/ Frame C594 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:20 GMT
cdb
bidder.criteo.com/ Frame C594 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=5WLGrV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnFreVlMd1F2dExBcW1WMjZqR1B5bSUyQjI3UGxqMGg0SG5wJTJGd05hbFJoT0FRVHN3b0pBVlZFNEFjS1lkaiUyRjRPcVN0UHZ4MXlMODJZMGdpZzRoUXVIeHdmWjBONlU2cU1QZnN2WnlLVkVPMTY2TWhEdzNKbmxiYXolMkZSJTJGV2FVeFFwY2clM0QlM0Q&cb=36926770600
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame FC1A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:20 GMT
server
Kestrel
server-processing-duration-in-ticks
1045420
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame FC1A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=5WLGrV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnFreVlMd1F2dExBcW1WMj...
  • https://mug.criteo.com/sid?cpp=5ifI9XxyTDkraFBHdzB2K1MyQVZiWkRuMndhWmJWMXkrMjNmVGQwN1hwNlJ1UEFLRDZoamxvSFdzOU05S3hVWWk2WGlucHFxbjFUUHUrbWxnWnpIME1CZXNOU3B5YnJ6WlJOcTVPYUNlSk9kV0JLVVRsWVhqQnRHSWcxSX...
435 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5ifI9XxyTDkraFBHdzB2K1MyQVZiWkRuMndhWmJWMXkrMjNmVGQwN1hwNlJ1UEFLRDZoamxvSFdzOU05S3hVWWk2WGlucHFxbjFUUHUrbWxnWnpIME1CZXNOU3B5YnJ6WlJOcTVPYUNlSk9kV0JLVVRsWVhqQnRHSWcxSXo4ZjVxcjdtTGF1NFg5VSsyNmFVanF5MGNNSnBPakVTa2p0a2RWNnBxMGZ2VngyQ1FmbW9JUlJTK2cwZ0h1NFlGRFdQZHo0THQwOEpoOHN5WHl2SFZlMXZqb0VNY0RUMk5DbEpJTjUzbDF6TVh5MTM2alZSbEUxN3lUcGlzTDMwMzNndDBTMWZLeVNweTZIekgwald0dHhwcExISjdTQnN5RXk5RDFBVXFOYkZ0T2o1b21EVW11NzlpUXRiM2FIVmhaQWtWM3h4RXw&cppv=2
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
95a38889a64ef17a0178c4a96fceeea4c7aebd98c49e7e79bbe5859b0668bb55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
657202
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=5ifI9XxyTDkraFBHdzB2K1MyQVZiWkRuMndhWmJWMXkrMjNmVGQwN1hwNlJ1UEFLRDZoamxvSFdzOU05S3hVWWk2WGlucHFxbjFUUHUrbWxnWnpIME1CZXNOU3B5YnJ6WlJOcTVPYUNlSk9kV0JLVVRsWVhqQnRHSWcxSXo4ZjVxcjdtTGF1NFg5VSsyNmFVanF5MGNNSnBPakVTa2p0a2RWNnBxMGZ2VngyQ1FmbW9JUlJTK2cwZ0h1NFlGRFdQZHo0THQwOEpoOHN5WHl2SFZlMXZqb0VNY0RUMk5DbEpJTjUzbDF6TVh5MTM2alZSbEUxN3lUcGlzTDMwMzNndDBTMWZLeVNweTZIekgwald0dHhwcExISjdTQnN5RXk5RDFBVXFOYkZ0T2o1b21EVW11NzlpUXRiM2FIVmhaQWtWM3h4RXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
279644
content-length
0
expires
0
pixel.gif
static.criteo.net/images/ Frame C594 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:20 GMT
pixel.gif
static.criteo.net/images/ Frame C594 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:20 GMT
adBanner
www.mediacategory.com/servlet/ Frame F64A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
f6f49fb64035e430aff73adfc28321fda9bacb18288e4ce7a71c2bdeeee3a137

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:19 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame C594 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%253A%2F%2Fnews.heraldcorp.com%2Fview.php%253Fud%253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
1694397228733.jpg
cdn1.ad4989.co.kr/04_tT/0P_uI/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn1.ad4989.co.kr/04_tT/0P_uI/1694397228733.jpg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
27.102.220.22 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
DaouIDC /
Resource Hash
7bcf26cdc56a35a516a936eb7c5ca47af7c879fb0ed7f205b725a2e2b0d703a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:25 GMT
Last-Modified
Tue, 31 Oct 2023 06:09:48 GMT
Server
DaouIDC
Connection
close
Accept-Ranges
bytes
Content-Length
16271
Content-Type
image/jpeg
Montserrat-Bold.woff
res.heraldm.com/font_new/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/Montserrat-Bold.woff
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
895005886988e7a24372f928fede19a1a854b5f4f1b08f32cba8060250652e7f

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:20 GMT
Last-Modified
Thu, 14 Mar 2019 08:35:17 GMT
ETag
"5c8a1245:decc"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
57036
NotoSansKR-Black.woff2
res.heraldm.com/font_new/ 		1008 KB
1008 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://res.heraldm.com/font_new/NotoSansKR-Black.woff2
Requested by
Host: res.heraldm.com
URL: http://res.heraldm.com/nbiz_2020/css/common.css
Protocol
HTTP/1.1
Server
182.173.183.74 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
73c9ead27bdd805aadf3fc1aff5c7272c11a63a069f732e2757d0f20ced57867

Request headers

Referer
http://res.heraldm.com/nbiz_2020/css/common.css
Origin
http://news.heraldcorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:20 GMT
Last-Modified
Wed, 24 Oct 2018 01:46:59 GMT
ETag
"5bcfcf13:fbfb4"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1032116
referrer_ext.js
img.mobon.net/mediaCategory/js/ Frame 87CE 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/mediaCategory/js/referrer_ext.js?ver=0.1
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6de82aa12d52e0970b0c0ffb7de65f8dc018844ad16de368dbf9a79bcb959a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:20 GMT
Last-Modified
Wed, 23 Dec 2020 07:10:19 GMT
Server
Apache
ETag
"f225a6-4fd-5b71c624c62f4"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1277
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 87CE 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7578c2d27c3b487ed902eeb5a60ae96005188e4f8f75c48ae4a0b25d90a60a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
server
cafe
etag
925 / 19662 / 31079290 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:12:20 GMT
ad
dsp.mobwithad.com/v1/ Frame 9224 		535 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
d3597e843ad46b63ecdc3cf5f6cf00091f54676223c096447ebcf36541674453

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:19 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
referrer_ext.js
img.mobon.net/mediaCategory/js/ Frame F64A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/mediaCategory/js/referrer_ext.js?ver=0.1
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6de82aa12d52e0970b0c0ffb7de65f8dc018844ad16de368dbf9a79bcb959a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:21 GMT
Last-Modified
Wed, 23 Dec 2020 07:10:19 GMT
Server
Apache
ETag
"f225a6-4fd-5b71c624c62f4"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1277
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F64A 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b479ba5c5c1f44188ee5569cfdb4283e14168c88b8ae280d074732cfefef5d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29983
x-xss-protection
0
server
cafe
etag
54 / 19662 / m202310250101 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:12:20 GMT
adBanner
www.mediacategory.com/servlet/ Frame 1787 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
54382779578cadd369198f376339fedcdc06c6534f00e88d402ee299bb486e72

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:20 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame A306 		551 B
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141136
Requested by
Host: js.ad4989.co.kr
URL: http://js.ad4989.co.kr/common/js/tend.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6b3cbe189743a8e5fc4bb15ef45a2f7ea9a1bfce44473a3470bf68cc4e95517e

Request headers

Referer
http://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08hR&out=iframe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Date
Wed, 01 Nov 2023 11:12:22 GMT
Server
Microsoft-IIS/10.0
NotoSansKR-Regular.woff2
res.heraldm.com/font_new/ Frame 4FC8 		970 KB
970 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res.heraldm.com/font_new/NotoSansKR-Regular.woff2
Requested by
Host: res.heraldm.com
URL: https://res.heraldm.com/nbiz_2020/css/common.css?pp=20201229101825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.31.34.229 , Korea, Republic Of, ASN38690 (HYOSUNGITX-AS-KR HyosungITX, KR),
Reverse DNS
Software
/
Resource Hash
b78ba9a9da795dc8e7b8cb0ccf7fbdb051625ea9e73d223e6c9462dfd82966c5

Request headers

Referer
https://res.heraldm.com/nbiz_2020/css/common.css?pp=20201229101825
Origin
http://ad.adinc.kr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 11:12:21 GMT
last-modified
Wed, 24 Oct 2018 01:46:59 GMT
accept-ranges
bytes
etag
"5bcfcf13:f274c"
content-length
993100
content-type
application/octet-stream
publishertag.js
static.criteo.net/js/ld/ Frame 1787 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:21 GMT
tend.js
js.ad4989.co.kr/common/js/ Frame 33E6 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges
bytes
etag
"616fc340:2272"
content-length
8818
content-type
application/javascript
yyBcFS3k
adex.ednplus.com/xc/h/ Frame 768A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adex.ednplus.com/xc/h/yyBcFS3k
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.36.37.118 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-36-37-118.ap-northeast-2.compute.amazonaws.com
Software
Oliver/0.4.0 /
Resource Hash
06d705974a55e8d203845287453d7e62fec1d49e6948943717c9e83b63def377

Request headers

Referer
https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 11:12:21 GMT
p3p
CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma
no-cache
server
Oliver/0.4.0
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 1787 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=wgHIF19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnNRQUtPbHNyREFRazdTTFc5V2lkN1BBdzN5ZXV4OG0lMkZYeXdYTTN2WUpkRW1zODBiNmQxQ1gwekFwVGVPaVZ3ajFuRGxNZGglMkZkZm9TSXN2RjJqaWhvU1B2NiUyRm9RTTlWWkMxWWpOYlZMVnYxcmVXM2hKaVpsQSUyRmNrSjdtU2o1V1h3JTNEJTNE&cb=75213308804
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:21 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame D9CB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:21 GMT
server
Kestrel
server-processing-duration-in-ticks
850718
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ Frame 87CE 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
71160
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135432
x-xss-protection
0
server
cafe
etag
13870563710225165476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Oct 2024 15:26:21 GMT
adBanner
www.mediacategory.com/servlet/ Frame 939C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
3c5a0c1080bf72ad6e10346aa664db9334fb73fc7a90063a37db6ef4ae217397

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:21 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 1787 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:21 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 1787 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:21 GMT
pixel.gif
static.criteo.net/images/ Frame 1787 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:21 GMT
sid
mug.criteo.com/ Frame D9CB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=wgHIF19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnNRQUtPbHNyREFRazdTTF...
  • https://mug.criteo.com/sid?cpp=NpyRoHwzdFhjSyt1dGQ4QnR0SlpGZVpoZW5YeVVHU0VpZGlyeWRtV2VDcTNXU3hoR0hzaUhCUkFVQW1zZGJuZmlvbVZKMEFiWFlRNzZPcVpPMitqakt2eVNHa0YyZktoSE1qSWJGZGxJL2xweTlMYXBDczdEdjZEajhSK0...
428 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=NpyRoHwzdFhjSyt1dGQ4QnR0SlpGZVpoZW5YeVVHU0VpZGlyeWRtV2VDcTNXU3hoR0hzaUhCUkFVQW1zZGJuZmlvbVZKMEFiWFlRNzZPcVpPMitqakt2eVNHa0YyZktoSE1qSWJGZGxJL2xweTlMYXBDczdEdjZEajhSK0t3Y3cyU21BRkpQUWNPMDllRzI1R1NiUmFoRTN0RUlGSE0zVmgwS3FLOW5ZV0R6Qi8xd2ZyVCtHVng3ZDIraEJiam1MajZnbVd5QW1yZnc4azdEamtMSGhQcmhHSEtvTTc0akJwVTloVGhHYnV2a1I1Mmg2OW0zYm9CSjJubFgrQ1g2cW0zK2sxdHV5Mkp5R3l0VXMvcVZ5R09Zdng1RHhxQllTOFQ3VnVEb0h5emw0QzQvdXNJK3JYQ0tLSFNPM1NxNW53cnFzdHw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a5ee51f8753ef44b2fcf5030f6c8d230d42e90e7625ee9edb87d715fc8e31a52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
773973
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=NpyRoHwzdFhjSyt1dGQ4QnR0SlpGZVpoZW5YeVVHU0VpZGlyeWRtV2VDcTNXU3hoR0hzaUhCUkFVQW1zZGJuZmlvbVZKMEFiWFlRNzZPcVpPMitqakt2eVNHa0YyZktoSE1qSWJGZGxJL2xweTlMYXBDczdEdjZEajhSK0t3Y3cyU21BRkpQUWNPMDllRzI1R1NiUmFoRTN0RUlGSE0zVmgwS3FLOW5ZV0R6Qi8xd2ZyVCtHVng3ZDIraEJiam1MajZnbVd5QW1yZnc4azdEamtMSGhQcmhHSEtvTTc0akJwVTloVGhHYnV2a1I1Mmg2OW0zYm9CSjJubFgrQ1g2cW0zK2sxdHV5Mkp5R3l0VXMvcVZ5R09Zdng1RHhxQllTOFQ3VnVEb0h5emw0QzQvdXNJK3JYQ0tLSFNPM1NxNW53cnFzdHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
265959
content-length
0
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/ Frame F64A 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
700
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135100
x-xss-protection
0
server
cafe
etag
11278338207436733902
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 11:00:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 768A 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/yyBcFS3k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f013186b802f7894e0c955cb94aea361c8054e738b7ebab65800c085a0b4a9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30747
x-xss-protection
0
server
cafe
etag
981 / 19662 / 31079291 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:12:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 87CE 		478 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3965633116101905&correlator=4046737371037282&eid=44807410%2C31079290%2C31078660&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=83673359%3A3503216%2CN_bizherald_righttop_300_250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=www.mediacategory.com&abxe=1&dt=1698837141730&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=iwwb7hb2maj9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&nhd=5&url=biz.heraldcorp.com%2F&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456%26s%3D837688%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dcriteono&top=news.heraldcorp.com&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=367679290.1698837142&ga_sid=1698837142&ga_hid=106853016&ga_fc=false&dlt=1698837140741&idt=978&adks=3805782898&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21e75c717172aeaf8c8547d6d240a4726941f97054c64c8fd3557ad9d08de49c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mediacategory.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b9ba91e996601e2110110b2194261de1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 58BA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9ba91e996601e2110110b2194261de1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:21 GMT
expires
Thu, 31 Oct 2024 11:12:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F64A 		56 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220570519338804&correlator=2325712851083094&eid=31078659&output=ldjh&gdfp_req=1&vrg=202310250101&ptt=17&impl=fif&iu_parts=83673359%3A3503216%2CN_bizherald_rightmiddle_300_250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=www.mediacategory.com&abxe=1&dt=1698837141763&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=h0ki2imp3eg2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&nhd=5&url=biz.heraldcorp.com&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456%26s%3D666141%26iwh%3D300_250%26igb%3D74%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dcriteono&top=news.heraldcorp.com&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1562079380.1698837142&ga_sid=1698837142&ga_hid=2135305991&ga_fc=false&dlt=1698837140827&idt=919&adks=2053459109&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ba5e74d3fceb284b15122dc3dae53b2e7b206fac5fdbe6ca14c688033f606c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13848
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mediacategory.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cc9c13dc7c21d7204d7470539cc4a9f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D2A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc9c13dc7c21d7204d7470539cc4a9f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:21 GMT
expires
Thu, 31 Oct 2024 11:12:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame 7F84 		587 B
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTY=&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141789
Requested by
Host: js.ad4989.co.kr
URL: http://js.ad4989.co.kr/common/js/tend.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a881d49563605518e50b6e1e99f7c92a0c091467af04c3d89997ebaa709122db

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Date
Wed, 01 Nov 2023 11:12:22 GMT
Server
Microsoft-IIS/10.0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/ Frame 768A 		424 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 11:36:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
84940
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136180
x-xss-protection
0
server
cafe
etag
6663949485869648659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Oct 2024 11:36:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 87CE 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0302b9353fb6cf625ab8f1d02c76612a4553d7a9536d1af099b74a7059d539a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12051
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F64A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d18620d7ea7a9a9ccf8d9745172aa08c63ff745f14f414b7d52ddf807f50ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12207
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 768A 		498 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050975260255827&correlator=1483096312168933&eid=31079299%2C31079291&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fif&iu_parts=136386782%3A3503216%2CPN%2CGPT_bizherald_pn_pc_300X315_mid_mid&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x315&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=adex.ednplus.com&abxe=1&dt=1698837141896&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=300&ish=315&scr_x=-12245933&scr_y=-12245933&ucis=wvfsyn1nyv8e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&nhd=2&url=https%3A%2F%2Fbiz.heraldcorp.com&loc=https%3A%2F%2Fadex.ednplus.com%2Fxc%2Fh%2FyyBcFS3k&top=media.adpnut.com&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=398835586.1698837142&ga_sid=1698837142&ga_hid=907697080&ga_fc=false&dlt=1698837141696&idt=169&adks=2289675714&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a0bed1ecf74431504572bb7468329103b834764a7ea7545d5dd4593b81cdce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adex.ednplus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b54ab24525f2d5e3cb264e24bad811c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CAF3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b54ab24525f2d5e3cb264e24bad811c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:21 GMT
expires
Thu, 31 Oct 2024 11:12:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 87CE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 11:12:21 GMT
ad
dsp.mobwithad.com/v1/ Frame 009B 		559 B
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
148631c37d59e20c9abe8a8649bb2bd24445b35bfd7fd8d6715b4b838359c8a1

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525253A%2525252F%2525252Fnews.heraldcorp.com%2525252Fview.php%252525253Fud%252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:21 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F64A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 11:12:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E464 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 10:01:10 GMT
expires
Thu, 31 Oct 2024 10:01:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FAE8 		829 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2fe873ef1707592af913eae14f62bace9876235ee7241b37755e5a49761489cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fTfTwa7BjRSzWgVcX4gX4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fTfTwa7BjRSzWgVcX4gX4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:21 GMT
expires
Wed, 01 Nov 2023 11:12:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 768A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95bf6ea151eea56fda0958ef6fb9baab6e3d208dd983b9ed931d8e585dc9bcba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12073
x-xss-protection
0
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame E464 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:11:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
14440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 07:11:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2FC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 10:01:10 GMT
expires
Thu, 31 Oct 2024 10:01:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 34D3 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8cf5b748cf9a426a20a0378ae4f424f5861a755d939f390bc5f68040a42dd517
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qJalkNew-niGxfFpehwXQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qJalkNew-niGxfFpehwXQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:22 GMT
expires
Wed, 01 Nov 2023 11:12:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame FAE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310260101&jk=3965633116101905&rc=
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 768A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 11:12:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 34D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310250101&jk=1220570519338804&rc=
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame D2FC 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:11:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
14441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 07:11:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02A2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 10:01:10 GMT
expires
Thu, 31 Oct 2024 10:01:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0A15 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ffa6a1b641eec8f6b0f3c96ff6c2023bd244601c92fe6f9e72de5dbe0552300c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n2TQoQOo4qTW_4CwaU3Y9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-n2TQoQOo4qTW_4CwaU3Y9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:22 GMT
expires
Wed, 01 Nov 2023 11:12:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adBanner
www.mediacategory.com/servlet/ Frame 8270 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
daddddf37e467f740a448ab4b7937972c317eacde77fa5d8d3c77d23b59d5fd6

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:21 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
generate_204
tpc.googlesyndication.com/ Frame E464 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h4tykg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tend_child.js
js.ad4989.co.kr/common/js/ Frame A306 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend_child.js
Requested by
Host: engine.tend-table.com
URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141136
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 10:01:26 GMT
accept-ranges
bytes
etag
"5e539ef6:1164"
content-length
4452
content-type
application/javascript
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310300101&jk=3050975260255827&rc=
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 02A2 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:11:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
14441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 07:11:41 GMT
adBanner
www.mediacategory.com/servlet/ Frame 7042 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
f3bdd380ab6051b1d03748c25d325215041d3831eeafe9aad601b49517ed85ab

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:22 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
generate_204
tpc.googlesyndication.com/ Frame D2FC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?27MF2Q
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310201815000/ Frame A7C4 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
151229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56123
x-xss-protection
0
server
sffe
etag
"ee0c45c0e6d03a96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame A7C4 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
151229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"56e8153251b9d132"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame A7C4 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
151229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29064
x-xss-protection
0
server
sffe
etag
"2b86ba6a96452dbe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame A7C4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
151229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1923
x-xss-protection
0
server
sffe
etag
"560b2476df5f84c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame A7C4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
151229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"143af65c0fcbfced"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
css
fonts.googleapis.com/ Frame A7C4 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 11:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 10:02:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 11:12:22 GMT
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A7C4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 17:44:41 GMT
x-content-type-options
nosniff
server
cafe
age
62861
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2552
x-xss-protection
0
expires
Wed, 01 Nov 2023 17:44:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A7C4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
15241
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 02 Nov 2023 06:58:21 GMT
l
www.google.com/ads/measurement/ Frame A7C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQkbRMjTqgKjVRZEzFp-CwcIHKJaNdrhSElpH9uMr7MlW2_WGwfm_jQZNgX2iXA6Oa6EX4AeIZ8EJjkKpiPptFcm6Dyw
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/16953483856359724462/ Frame A7C4 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16953483856359724462/2076313506083323656
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18b4f3ca5140ce0a302716fede6333d240dbab284cfea96b2321be58f202b63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 17:11:30 GMT
x-content-type-options
nosniff
age
410452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32577
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 01:49:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Oct 2024 17:11:30 GMT
truncated
/ Frame A7C4 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a54f8397777a9c65324f03c8daeeaaf91752b93e881682fc14995b6879524768

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A7C4 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59b22156ec79a264173a27c008e3bfa7c5e3762b21fc5922e2f54c256686feec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A7C4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mediacategory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options
nosniff
age
147219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 18:18:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A7C4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mediacategory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 14:58:03 GMT
x-content-type-options
nosniff
age
332059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 14:58:03 GMT
passback
adex.ednplus.com/xc/h/yyBcFS3k/ Frame 793E 		155 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adex.ednplus.com/xc/h/yyBcFS3k/passback?r=0.830976962889852&xcg=c3WzDNXEQ1
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/yyBcFS3k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.36.37.118 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-36-37-118.ap-northeast-2.compute.amazonaws.com
Software
Oliver/0.4.0 /
Resource Hash
3836d4f3a5dfd118a210c21e53d220afcda1efd527da21cb8c063c1cab7276f6

Request headers

Referer
https://adex.ednplus.com/xc/h/yyBcFS3k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 11:12:22 GMT
p3p
CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma
no-cache
server
Oliver/0.4.0
vary
Accept-Encoding
mobon_reset.css
img.mobon.net/Frtb/common/css/ Frame 8270 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Mon, 29 Aug 2022 05:49:42 GMT
Server
Apache
ETag
"f0265d-238b-5e75ad48a2078"
X-Cache-Status
HIT, HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
9099
jquery.js
img.mobon.net/Frtb/common/script/ Frame 8270 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/script/jquery.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"f0272e-16b3b-5935d7c543da4"
X-Cache-Status
MISS, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
92987
mobonStorage.js
img.mobon.net/js/ Frame 8270 		508 B
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/mobonStorage.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Thu, 21 Apr 2022 07:04:20 GMT
Server
Apache
ETag
"f08574-1fc-5dd24b81768e7"
X-Cache-Status
MISS, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
508
webutil.js
img.mobon.net/newAd/common/ Frame 8270 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/newAd/common/webutil.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 18 Apr 2018 04:47:59 GMT
Server
Apache
ETag
"f40c8c-dd0-56a1828c66b1a"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3536
frame_default_script_S.js
img.mobon.net/Frtb/js/ Frame 8270 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/js/frame_default_script_S.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1ecc69f757f53d0d49e14758d786e73d8585f88d1ae4ce8dab61df1d7a5533c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 10 May 2023 08:12:42 GMT
Server
Apache
ETag
"f011c6-76c6-5fb526fa391c8"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
30406
nr_type1.css
img.mobon.net/Frtb/common/css/ Frame 8270 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/nr_type1.css?124
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"f0116e-436-5935d7c53fb3c"
X-Cache-Status
MISS, HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1078
bounceRate.js
img.mobon.net/js/ Frame 8270 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/bounceRate.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Thu, 04 Feb 2021 05:36:00 GMT
Server
Apache
ETag
"f07ff5-bf1-5ba7c14227b88"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3057
js-image-slider.js
img.mobon.net/rtb/js/ Frame 8270 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/rtb/js/js-image-slider.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
a52cdad17a783fde261b1ab1cb4bbb5585f5ec0953526e394b58995664bab2b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"1001681-7b98-5935d7c54c65c"
X-Cache-Status
MISS, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
31640
1663308197612.png
cdn3.ad4989.co.kr/01Y_g/0KZS/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn3.ad4989.co.kr/01Y_g/0KZS/1663308197612.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
2dea4f55471791503b4d0677d404bf722e2e71b6156a901bc09e02248df659f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:22 GMT
Last-Modified
Tue, 28 Feb 2023 05:16:46 GMT
ETag
"63fd8e3e:10155"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
65877
publishertag.js
static.criteo.net/js/ld/ Frame 7042 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:22 GMT
tend_child.js
js.ad4989.co.kr/common/js/ Frame 7F84 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend_child.js
Requested by
Host: engine.tend-table.com
URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTY=&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:21 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 10:01:26 GMT
accept-ranges
bytes
etag
"5e539ef6:1164"
content-length
4452
content-type
application/javascript
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A7C4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 17:44:41 GMT
x-content-type-options
nosniff
server
cafe
age
62861
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2552
x-xss-protection
0
expires
Wed, 01 Nov 2023 17:44:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A7C4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
15241
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 02 Nov 2023 06:58:21 GMT
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame A306 		79 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=REF&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&query=&lang=utf-8&cookieval=&tm=1698837142603&jquerycallback=foinCookie.setReferrer_local
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141136
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:23 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 02A2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-EW9Gg
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cdb
bidder.criteo.com/ Frame 7042 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=s-CmwV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm00Uk1vM0d6WHJGMXlSRTNwaUEydU1ENmNvclA1YWZNJTJCanZNZnhyRzNVMjE5M2FHUzVjV29jcXJqTEkwbUFJdk5oT1ZDY2dVT2I3ckU1b2lpazNCaDVYak5OZ212MEtOUkpaUVV3cXlWVDdiJTJCdTNpRjlHT0klMkJKQjFQUzNTWFpsdyUzRCUzRA&cb=73391957150
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
adview
securepubads.g.doubleclick.net/pagead/ Frame A7C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDNdSlTJCZfKVMa-OjuwP0MSvmAbLiq_pc-Xl-5SJEpTLo8mCNRABIMecgyRglbr4gZQHoAG_n7DNKMgBCakCP3BVmae7sT7gAgCoAwHIAwqqBNYCT9AquiJLyH10nbhlIJfDJAFCDA5MHBLS7Fn7y60_bjp1facV8URH2retqG-PyR8cG8qZS-q2WRyyCHHHY21-kG5eXmWt7e7kQnkCYxpgNH67S1-XJTc4G5zZtRlplQ0cI3zCIuNFw111Pc8G7C_lAeWkbC5iCpXjDgbpQgdZOKYlbv4FHuc7TdIxf2IGNr34L0CGnIRub_PzTBur1d1DLaAe8KJ5eCuZg6dEDmziJFCtbe5zuzyhNwjI97dR8G4mW6vqosNYdPYdmI3x80yPlUtZbWmIcSHVxZciVW18dEK9lnh0AdUY3HSKcVr5RzN2YZEBxYB8Ifife0cyIYnnj1Yz7CsjGRPP8yrL1GSAPBg4-jQp-T_HcPunyBZXTZVo0NUgG2jOtQxjxY4e3YBf___uLkLRgBS7xTQIyoJ6PogwrWbcAv1y9D2yRFxrETsMV4Lc5QOIwATZ0enUmwTgBAGIBZyZ9_lEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_XgK0DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQv7AU0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzI1MTMwODcxNjEyNzA3MJoJgwJodHRwczovL2RlcmlsYS5jb20vYXJ0aWNsZXMvcGVvcGxlLXNsZWVwLXdpdGgtcGFpbi0zP2w9ZGUmYz1ldXImdm5kcj1kZXJnZ3NpbSZzdWJpZDM9MTg1MDkzMTkzMjQmc3ViaWQ9MTQ0ODY0NjAyMzI5JnN1YmlkMj02Nzg1ODk5ODMwNzkmc3ViaWQ0PSZ1dG1fc291cmNlPUdvb2dsZSZ1dG1fbWVkaXVtPUNQQyZ1dG1fY2FtcGFpZ249MjN3NDJfQS1QQUlOJnV0bV90ZXJtPTIzdzQyX0EtUEFJTi1jb21iaW5lZF9pbWFnZXMmc3ViaWQzPTE4NTA5MzE5MzI0gAoDyAsB4g0TCOvE-MLVooIDFS-HgwcdUOILY7gT5APYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTYxOTI5MjcyODYzNTExNRin6hc&sigh=MryU5WWl6Mk&uach_m=[]&ase=2&nis=5&cid=CAQSKQDICaaNcx6a8XuzId20_eXDw875FbZHLA__G9VrYh6WdFBKkk9RG8v1GAE&template_id=484&cbvp=2
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame 1B21 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:21 GMT
server
Kestrel
server-processing-duration-in-ticks
899420
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adBanner
www.mediacategory.com/servlet/ Frame DF0B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
bb2dbaadaed170d3e17c6f8071b8acedaa2075dd69c2d3b3c4c72fd758984153

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:22 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 7042 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 7042 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:22 GMT
pixel.gif
static.criteo.net/images/ Frame 7042 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525253A%252525252F%252525252Fnews.heraldcorp.com%252525252Fview.php%25252525253Fud%25252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:22 GMT
sid
mug.criteo.com/ Frame 1B21
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=s-CmwV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm00Uk1vM0d6WHJGMXlSRT...
  • https://mug.criteo.com/sid?cpp=74_ROHx4eUhvRGVjbmJnMUtZQUttbERMY1VwekhRaGhhZEpvM1lVakVkZmkyMGtON0tvUENPeGJzQ091Rjg2Qk5nemxRUDdON1hJeFZCRWk1OWI4bzUxQ3hOV3pzRDVxbXMxWXVSYVZoZldEUHJtMGtMakhYVit2bk5tMl...
433 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=74_ROHx4eUhvRGVjbmJnMUtZQUttbERMY1VwekhRaGhhZEpvM1lVakVkZmkyMGtON0tvUENPeGJzQ091Rjg2Qk5nemxRUDdON1hJeFZCRWk1OWI4bzUxQ3hOV3pzRDVxbXMxWXVSYVZoZldEUHJtMGtMakhYVit2bk5tMlNPMmF6cm5qakhicUpBcSt5T0J6cXIvUXBBWU1WeUFuVkEyZzVEUTZaYnlPZ0k4VFVhZksvYjdjK25VNU9kMHg4M2VEZlRYUEZUb2ptOUliUHJCYVJPa1lOVWUyd1BXU3A5aUlOUDdja1lwTHpQdnFVU3VoTlRyc010VjNuZVBzMDhHaU1WanR5YU5jOTlQTURNWkppekNGMjFTNDFFSzI3bUE0M0lhMXo1cFBkaXhxNWN0WW9qcnRnMTczeEtlaDg0QkRia050cHw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8d590850e29fedb11970625b30058589bc29d4b2ce79b3e1fb30de509e07f533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
683311
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=74_ROHx4eUhvRGVjbmJnMUtZQUttbERMY1VwekhRaGhhZEpvM1lVakVkZmkyMGtON0tvUENPeGJzQ091Rjg2Qk5nemxRUDdON1hJeFZCRWk1OWI4bzUxQ3hOV3pzRDVxbXMxWXVSYVZoZldEUHJtMGtMakhYVit2bk5tMlNPMmF6cm5qakhicUpBcSt5T0J6cXIvUXBBWU1WeUFuVkEyZzVEUTZaYnlPZ0k4VFVhZksvYjdjK25VNU9kMHg4M2VEZlRYUEZUb2ptOUliUHJCYVJPa1lOVWUyd1BXU3A5aUlOUDdja1lwTHpQdnFVU3VoTlRyc010VjNuZVBzMDhHaU1WanR5YU5jOTlQTURNWkppekNGMjFTNDFFSzI3bUE0M0lhMXo1cFBkaXhxNWN0WW9qcnRnMTczeEtlaDg0QkRia050cHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
404711
content-length
0
expires
0
all
csm.eu.criteo.net/ Frame 98D6 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vBQRSBtHU8SFIeDX31tON_cNDG9eNmdsIvamh0PRHDuyVgPXOmgIE7sr9c421r-HRD7KUoQNtcvk-GcXMrqmI1zSyj9O_ftVw7uPPCmyK-TDpGsRUu4K00BJcjI4233_KEZDgk8Sru61cQgy7jAfrjiqBPhMztTMDyahhQizdr7901yEupWKR50_a53ki7-9JGXl8IdNUiQSMA2SEPiIyz1fZSY_K9q6qzMI5H-6nbCFCFCNGNHxcnR_1cM&sds=2&rev=89121&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUIyjwAAdQEIEddvAAz-97Nvy_neFVdeoV6qvg&u=%7CDk6UzFnAFUFC9QEeVvNA0BBUTYPSFRgLArbY2sYVlFQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIM4bdMLLaH6KcqZb-fX-o6X83QSsGnF0v4aDtGTEWv_nk0fyCLuZhQRd2GqSYS9h7PGUfLv2R_zujwCABBT_9uPby7pAVeWO_EACVtAid7US6NIM1iyxK2TAK1M_0ELlqDxZrwR74hB5rGSL20lQL6XnXEoOJMBRNe8H84WmlkE5p1GVklx4iZYwoC7ZlEkRn0-T9Viyy8qO1HYwIUHeTzKrInWMt0u1DuN-RpbpWfzdMn-k65fK6Pve8oqDwfIK39Sa9j-OvGKxC0jcHdaPyIaR3a_atR-p4FUxPUc1VT1CM3dz5LYoml6XN5Dl0GoGovJ86hTYLoSD3yI2sw7bpjrT48BGOYeBScZm_wetmSb3mt1dKIbY0DiFmqXJq4rqdWxn0l6VNy1Oh0ZlB8J4Ay9BVdhy8dvz_ML24ruWO8uUWUJ2z6PV4xqxZwzRquYdaLMD9VbaD4NuzMMhdlniztYVZ7AaQTusK95bncNEtDBJ0PKvtO-9SmV-hHOoodvU36totOKWaAg2htOKdZ3941HbLegQekUPK3Td_1YaR_29&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdNRUjzJCZYHqAe-ux_AP9_2zwALJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTQ3MDcwMzY0MzAyODc1NDTIAQmpAuZOUjkYvbE-4AIAqAMByAMCqgTFAk_Q8jA6c9QN4kU_wfaJMXZWCpaZOQQ76co3aJTiJXo0ae1zHgIUoVUypo0oRJK_W3uvgjFYSCdONR72CkR0JVwVzSuzRQ2eZd6Uir8vnLOkqAwtwX8ONBcn0EBAmCDl7QIuNmaKYgJXxhYvOWcRHNJaXq-YcjMf_1gAJ0KlCZ2LCxnWkZGYrJlGkdASQRlImTu0o3hWaBv3UG9hfcRAWWUPJR_ca8WyeOWuK0r1JUiU4sSCHlvwXmvXN3PPnQbl7zsaHHgvH7Teu8ahydIpaHdFcqcb8zWIOIVSy_K6oVQsFCAk25p50MY-xKWXj0jGCKM05Hhdc9wgFVdeWIynehPYwt_6UjiyoWBu_pvUoxxd23i0owwz2kz1ynM25ysmwWh-ifRGLme4Xf3qPkLHGjerF_X3vj0LrIw5W3cPnbGP30YYD_zgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcxNDk3MzYyNDUwNDUwMTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37BErqkcF_QDvi9LIJJJAg72p0ew%26client%3Dca-pub-4707036430287544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 11:12:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
PelicanC.dll
media.adpnut.com/cgi-bin/ Frame 793E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&campaignid=02VB&gothrough=nextgrade&out=script
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/yyBcFS3k/passback?r=0.830976962889852&xcg=c3WzDNXEQ1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
aa7e757c6fe7ac60acd39f61bd2a988e5fc4cfe3945365085bc13e68ad6d00b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 87CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310260101&jk=3965633116101905&bg=!w8ClwI_NAAbo5yKYyOc7ADQBe5WfOD8nA7esU6YZAi5DjouQs_4dtKOsgI-LBDflRN5nSaa29H5if3IlTh3n8KQPStd3AgAAAO5SAAAABmgBB5kDSi8BiT9bRP9t-QSH4-_IzaKxh0Qtj2DbiN1Im7CB7kQGiY8kodkASIabnoY2xKSnU41PLzOXn0cMR5xuRD3fFwKnlHYeAKwbZ1iZG-evksHuGU_0tiEWjRLdKb67NqLlDeSU_eOg3iMrZL81bbcKnRrECsDoG8TIdrEW36zREUG3sCtzFpl0XDRPs_2Q7eJuhj1uteV101-bBEGbCJH6q4IX2bG9tOpGe4QCgYMB964Iuf7QD8XM1_XbOLgXYAgHvHmgkJENxzKyWfVCiBGBODBhnZDzPXo-nKtrY3wx0JqBbC0Hd8xidMgjDMEbY51z1mHz0NMWcameGNbQC5LCH0nIQqewwizF7uo-CaiFmQKJoJRbKydbV49OaVTAAbZJyXQ9xwZVa7amw1x3EsQEsjLK4VGo3Ee8Iu_lD34pDpeKaTwJfGHP-rl1FbuI5wfDbMHEOHncWGK0k-wVqkmNc7QUHgFNHMi4-qMfzqdqcLzpFcNINDwNJE8bVWKH3aMUKWCthHmWKDLWkSkfG9jvCnvaupQ6yT7_OGPg5U-jBWeKMIIPoUu-T5hOaYvi09im3zxniaIGk4IEG8lCLIwhOtgEjhmzkovFiXrfPBdX2V7BAqSs3p65qGxpApNE7TCSFTii4fxA9DU195VlK9p4fFNib3f4DylNOZjVVtFZPscuJsGBcgsIIyCuJe_9kFbiiMoboPUW0MsVVzFEWueiWcmkNgYhmP0GQ2zTCJ606lBKmY_kIIFjHvF5o-0wjj4WMcNfGJeXxjJGfz-PMjKJJSfvN5E8FvB5os9cnCi_IjgV1M2gt-LpyF01o9Diuo9Br4s_qSVK_Qhe-ZaV8u18LQFsJgd33NknKSS_BrJ88t7JH5Bt8XG9cjVaAwfYJBdt8w3ZhHK-6OnveJ1Hkz0VznfMfFVk5WaCWEVe3XqddJmBO9nlVWO9p7AH1IpjeLPr_o40BeG2ttOl3KgmJ9GOwZNUPYBHmxV5DfhT3ExTFrtv3qR2ozkbJEmgem1-F3KNd-pm-4Ig5Xedtwh2HaxN2Hay1t6B_q0L2umcVr9ijkPNt5Q-Q6hupn4dAnhMVocKgQmTeshzx5s4UL2pVfJAEiUe4psyUCq8xmSH
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
ad
dsp.mobwithad.com/v1/ Frame 2C8A 		583 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
242cbf2808041d5b0344f9d3f9bf4378959bf0001ccaa2ea071d9dc1603927e5

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525253A%25252525252F%25252525252Fnews.heraldcorp.com%25252525252Fview.php%2525252525253Fud%2525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:22 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame 7F84 		79 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=REF&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTY=&inflow=&query=&lang=utf-8&cookieval=&tm=1698837142955&jquerycallback=foinCookie.setReferrer_local
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTY=&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837141789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:23 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame EBD8 		556 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//media.adpnut.com&lang=utf-8&tm=1698837142965
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c22076d7e7e05feb763df3d42d7e6511cd0ca0711c3ae7e3d87dc2dbf281911b

Request headers

Referer
https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Date
Wed, 01 Nov 2023 11:12:23 GMT
Server
Microsoft-IIS/10.0
sodar
pagead2.googlesyndication.com/pagead/ Frame F64A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310250101&jk=1220570519338804&bg=!JCelJ2jNAAbo5yKYyOc7ADQBe5WfOCur6V6Ckim75bgMZ-CesfAL6RsrJtNfd4tJ4co4jW82Gob3yAfUsIZRkKwqVpzIAgAAAXxSAAAABmgBB5kDW-0Ho1SqI2iRwaJr0gZSWDxlgUdNBwxH3ktw7EdanSx-CPfDB5ji-TGqp0azFJER0_W3t0gjhmgIqJ0E021G1vsGkMaoI9m5MDgEeh5f2iNtVO4qlPNRb0QYqwNE-6xkk9dsHJjQClo2yBz_D-sCTGQaHPxhrq7nEOpvm2s8DG4efK-ejzDTkQxrAYIqm4YbzqG6XGKqycEKAzBfbj5Ppx4DqfOaADsrSqvLCckm9CGeuKN_RfPLsUIbebSZnw75b5sLD4qpKA-ZUXL7zkTIDPm_p2lpvHdn2MaohVKnvzC9vUMAiyeivv6gx47dYIctkxD4GnHh-oH6gbBgdb0XUbErFC1F8IJ5qtzE-GuIux36raBs_B4Ws6TmCRBvQNw5yjbGYX1TSV6tQxOYVa8TGYs30Nr4ymznt6IgBVXclpSCj06bUo1pBjRztAYRPrVUxJY3ojPCq-xFuXVYKWGl65FqHQRa69p6DHu1R-fX-3Peau3s6B59bDWWOH7xHuYdlB-Nnx1LimL2PQm6SrwnSd0fh9GBHlhGQncaroSA4CWW1a4g5iV6RMSbb88_dvS2ShHadiEk2ufDZfN4YjrHvI-u8ylTC6NuYXGyS9EErFIL7yyk927EM3mbKXyQajYigpNMsOzdWBSeDcMVxVFIttfmw_ueeNWgzmRHxYdrxtwt2NzcQazK75jx_tCIn9fHBHRbEpAsXQ6UoggIUw3Smqz37gmkGK6thVcYHS1rPwnRxin6b6K7PBwav__InSqrHTX1goInnCURCGljEWV7B7peIHNSuwvPux2PpTqfh-2ymFPeqMNYTCuIbkqWeKMPIJUq9bLToKn9a8X8BKb42Z38aqMuybd-SKpVS8-70zKMzOVfKYhtzIDXqLkiorHXRApnh2XtNFUtzFRWQTt0XZX81eUX94jRXoBOlknJjZ-MsMIATptbfO_UfF5-ztBJIl9_sRrrniCoMvToJqWom-QKTFKvfdntDFLNf7-LQKv7yT69AbwZcGok__cNsv2qUitMo3Boo4u5SyiQ0fY7PniMZxdztLlshSLvMRwlEaK-5rfHY4095hoHxEQOWyMsW69zLCsygruYLMFJKOzKfmuAxB9Y1-KSCzNcg1kAbDywlKPiglGsStfRD3E
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25253A%252F%252Fnews.heraldcorp.com%252Fview.php%25253Fud%25253D20230803000456&s=666141&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
http://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1698837143251&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjUsInJlcXVlc3RfYWQiOjEwLCJyaWQiOiIiLCJhbGciOiIiLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJrci5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJiaXouaGVyYWxkY29ycC5jb20iLCJ1cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInBvcGluX3VzZXJfaWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsInVpZCI6ImZjMmNiMzQ4MmM0MTYyZTBlMzMxNjk4ODMzNTM0NjY1Iiwic21qSWQiOiIiLCJsb2dpZCI6IjVmYzhmNjM4LTI2NjktNDkwOS04NDQyLWNlZmFlM2QyZGYyOCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoibmV3cy5oZXJhbGRjb3JwLmNvbSIsInRkX3BhdGgiOiIvdmlldy5waHAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MH0%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Server
52.4.243.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-243-180.compute-1.amazonaws.com
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Wed, 01 Nov 2023 11:12:23 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame EFF6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u2&out=iframe
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/searchbox/bizherald_adin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fb88141ef60de2d3b5bc3a60922b67be87462884c49691e269d3e715fbb9aa1a

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:23 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame E394 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u3&out=iframe
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/searchbox/bizherald_adin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d7b60ac1202a238b276793327294ee17b6f1ed5bcac48dfa7a9e9a3402223392

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:23 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame A772 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u4&out=iframe
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/searchbox/bizherald_adin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
37a35f1a7856fb3be2deca854a5b07c7f9aec37d9552647c65767be3072b92f5

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:23 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
http://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1698837143260&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjUsInJlcXVlc3RfYWQiOjEwLCJyaWQiOiIiLCJhbGciOiIiLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJrci5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJiaXouaGVyYWxkY29ycC5jb20iLCJ1cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInBvcGluX3VzZXJfaWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsInVpZCI6ImZjMmNiMzQ4MmM0MTYyZTBlMzMxNjk4ODMzNTM0NjY1Iiwic21qSWQiOiIiLCJsb2dpZCI6IjVmYzhmNjM4LTI2NjktNDkwOS04NDQyLWNlZmFlM2QyZGYyOCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoibmV3cy5oZXJhbGRjb3JwLmNvbSIsInRkX3BhdGgiOiIvdmlldy5waHAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MH0%3D&callback=TreasureJSONPCallback1
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Server
52.4.243.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-243-180.compute-1.amazonaws.com
Software
/
Resource Hash
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Wed, 01 Nov 2023 11:12:23 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame E006 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u7&out=iframe
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/searchbox/bizherald_adin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9ca0ad52786843526347f194bcc8be3952d42800699904fb56faabf94a7ea1f4

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:23 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
PelicanC.dll
ad.adinc.kr/cgi-bin/ Frame E1C8 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u8&out=iframe
Requested by
Host: api.popin.cc
URL: http://api.popin.cc/searchbox/bizherald_adin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ae50cc6346d669713997e8e999157e771009214a56da5d02ce3d8197e1752f11

Request headers

Referer
http://news.heraldcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:23 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJ1aWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsIm1lZGlhIjoiYml6LmhlcmFsZGNvcnAuY29tIiwiZGV2aWNlIjoicGMiLCJ1cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MCwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTguMC41OTkzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2IiwiZ2VvX2NvdW50cnkiOiJrciJ9&t=1698837143246
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
log.gif
r.popin.cc/ 		35 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.popin.cc/log.gif?type=related-kr&uid=&url=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&t=1698837143247
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:23 GMT
Last-Modified
Tue, 10 Sep 2019 08:00:29 GMT
Server
nginx
ETag
"5d77581d-23"
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
s.gif
rlog.popin.cc/ 		35 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://rlog.popin.cc/s.gif?url=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&uid=fc2cb3482c4162e0e331698833534665&type=pc_pv&nid=pc&media=biz.heraldcorp.com&r5=cc_NONE&t=1698837143251&tz=kr
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:23 GMT
Last-Modified
Thu, 16 Sep 2021 06:17:57 GMT
Server
nginx
ETag
"6142e195-23"
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImV4cGVjdGVkX2FkIjoyLCJyZW5kZXJlZF9hZCI6MiwiYXBpX2hvc3QiOiJrci5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJiaXouaGVyYWxkY29ycC5jb20iLCJ1cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInBvcGluX3VzZXJfaWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsInVpZCI6ImZjMmNiMzQ4MmM0MTYyZTBlMzMxNjk4ODMzNTM0NjY1Iiwic21qSWQiOiIiLCJsb2dpZCI6IjVmYzhmNjM4LTI2NjktNDkwOS04NDQyLWNlZmFlM2QyZGYyOCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoibmV3cy5oZXJhbGRjb3JwLmNvbSIsInRkX3BhdGgiOiIvdmlldy5waHAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTguMC41OTkzIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MCwiZ2VvX2NvdW50cnkiOiJrciJ9&t=1698837143251
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
other
inrecsys.popin.cc/PopinService/Logs/ 		0
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://inrecsys.popin.cc/PopinService/Logs/other?data=eyJkb21haW4iOiJuZXdzLmhlcmFsZGNvcnAuY29tIiwidl9kaXNoX2xhYmVscyI6IiIsInZfZGlzaF90bGFiZWxzIjoiIiwia2V5Ijoia2V5MTY5ODgzNzEzODE0OCIsImNsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInVybCI6Imh0dHA6Ly9uZXdzLmhlcmFsZGNvcnAuY29tL3ZpZXcucGhwP3VkPTIwMjMwODAzMDAwNDU2IiwidWlkIjoiZmMyY2IzNDgyYzQxNjJlMGUzMzE2OTg4MzM1MzQ2NjUiLCJwb3Bpbl91c2VyX2lkIjoiZmMyY2IzNDgyYzQxNjJlMGUzMzE2OTg4MzM1MzQ2NjUiLCJzbWpJZCI6IiIsImFwaV9ob3N0Ijoia3IucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsImxvZ2lkIjoiNWZjOGY2MzgtMjY2OS00OTA5LTg0NDItY2VmYWUzZDJkZjI4IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiM2YyMWQwYTctMjMwNC00MzBmLTlmZGUtOGM5YTQyNjljMDc5IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHA6Ly9uZXdzLmhlcmFsZGNvcnAuY29tL3ZpZXcucGhwP3VkPTIwMjMwODAzMDAwNDU2IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJuZXdzLmhlcmFsZGNvcnAuY29tIiwidGRfcGF0aCI6Ii92aWV3LnBocCIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiI4MS45NS41LjM1IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExOC4wLjU5OTMiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9tZWRpYSI6ImJpei5oZXJhbGRjb3JwLmNvbSIsIm5vdyI6MTY5ODgzNzE0MzI1MSwicG9waW5fdmVyc2lvbiI6OH0=
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/plain
s.gif
rlog.popin.cc/ 		35 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://rlog.popin.cc/s.gif?url=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&uid=fc2cb3482c4162e0e331698833534665&type=pc_channel_pv&nid=pc&media=biz.heraldcorp.com&r5=ch_pc&t=1698837143251&tz=kr
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:24 GMT
Last-Modified
Thu, 29 Aug 2019 01:24:26 GMT
Server
nginx
ETag
"5d67294a-23"
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJjaGFubmVsX2lkIjoicGMiLCJleHBlY3RlZF9hZCI6MiwicmVuZGVyZWRfYWQiOjIsImFwaV9ob3N0Ijoia3IucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiYml6LmhlcmFsZGNvcnAuY29tIiwidXJsIjoiaHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTYiLCJwb3Bpbl91c2VyX2lkIjoiZmMyY2IzNDgyYzQxNjJlMGUzMzE2OTg4MzM1MzQ2NjUiLCJ1aWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsInNtaklkIjoiIiwibG9naWQiOiI1ZmM4ZjYzOC0yNjY5LTQ5MDktODQ0Mi1jZWZhZTNkMmRmMjgiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzZjIxZDBhNy0yMzA0LTQzMGYtOWZkZS04YzlhNDI2OWMwNzkiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuMTE3IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im5ld3MuaGVyYWxkY29ycC5jb20iLCJ0ZF9wYXRoIjoiL3ZpZXcucGhwIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE4LjAuNTk5MyIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIzZjIxZDBhNy0yMzA0LTQzMGYtOWZkZS04YzlhNDI2OWMwNzkiLCJwb3Bpbl92ZXJzaW9uIjo4LCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsImdlb19jb3VudHJ5Ijoia3IifQ==&t=1698837143251
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adlogs
log.popin.cc/log/popin_ads/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjUsInJlcXVlc3RfYWQiOjEwLCJyaWQiOiIiLCJhbGciOiIiLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJrci5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJiaXouaGVyYWxkY29ycC5jb20iLCJ1cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInBvcGluX3VzZXJfaWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsInVpZCI6ImZjMmNiMzQ4MmM0MTYyZTBlMzMxNjk4ODMzNTM0NjY1Iiwic21qSWQiOiIiLCJsb2dpZCI6IjVmYzhmNjM4LTI2NjktNDkwOS04NDQyLWNlZmFlM2QyZGYyOCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoibmV3cy5oZXJhbGRjb3JwLmNvbSIsInRkX3BhdGgiOiIvdmlldy5waHAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTguMC41OTkzIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MH0=&t=1698837143252
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
s.gif
rlog.popin.cc/ 		35 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://rlog.popin.cc/s.gif?url=http%3A%2F%2Fnews.heraldcorp.com%2Fview.php%3Fud%3D20230803000456&uid=fc2cb3482c4162e0e331698833534665&type=pc_channel_pv&nid=pc&media=biz.heraldcorp.com&r5=ch_pc_right&t=1698837143260&tz=kr
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:24 GMT
Last-Modified
Thu, 16 Sep 2021 06:17:57 GMT
Server
nginx
ETag
"6142e195-23"
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJjaGFubmVsX2lkIjoicGNfcmlnaHQiLCJleHBlY3RlZF9hZCI6MiwicmVuZGVyZWRfYWQiOjIsImFwaV9ob3N0Ijoia3IucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiYml6LmhlcmFsZGNvcnAuY29tIiwidXJsIjoiaHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTYiLCJwb3Bpbl91c2VyX2lkIjoiZmMyY2IzNDgyYzQxNjJlMGUzMzE2OTg4MzM1MzQ2NjUiLCJ1aWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsInNtaklkIjoiIiwibG9naWQiOiI1ZmM4ZjYzOC0yNjY5LTQ5MDktODQ0Mi1jZWZhZTNkMmRmMjgiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzZjIxZDBhNy0yMzA0LTQzMGYtOWZkZS04YzlhNDI2OWMwNzkiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20vdmlldy5waHA/dWQ9MjAyMzA4MDMwMDA0NTYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuMTE3IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im5ld3MuaGVyYWxkY29ycC5jb20iLCJ0ZF9wYXRoIjoiL3ZpZXcucGhwIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE4LjAuNTk5MyIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIzZjIxZDBhNy0yMzA0LTQzMGYtOWZkZS04YzlhNDI2OWMwNzkiLCJwb3Bpbl92ZXJzaW9uIjo4LCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsImdlb19jb3VudHJ5Ijoia3IifQ==&t=1698837143260
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adlogs
log.popin.cc/log/popin_ads/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjUsInJlcXVlc3RfYWQiOjEwLCJyaWQiOiIiLCJhbGciOiIiLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJrci5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJiaXouaGVyYWxkY29ycC5jb20iLCJ1cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInBvcGluX3VzZXJfaWQiOiJmYzJjYjM0ODJjNDE2MmUwZTMzMTY5ODgzMzUzNDY2NSIsInVpZCI6ImZjMmNiMzQ4MmM0MTYyZTBlMzMxNjk4ODMzNTM0NjY1Iiwic21qSWQiOiIiLCJsb2dpZCI6IjVmYzhmNjM4LTI2NjktNDkwOS04NDQyLWNlZmFlM2QyZGYyOCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vbmV3cy5oZXJhbGRjb3JwLmNvbS92aWV3LnBocD91ZD0yMDIzMDgwMzAwMDQ1NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoibmV3cy5oZXJhbGRjb3JwLmNvbSIsInRkX3BhdGgiOiIvdmlldy5waHAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTguMC41OTkzIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjNmMjFkMGE3LTIzMDQtNDMwZi05ZmRlLThjOWE0MjY5YzA3OSIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MH0=&t=1698837143263
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Thu, 13 Dec 2018 07:32:33 GMT
server
nginx/1.13.5
etag
"5c120b11-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
040a94bba50bc8499cd3cef0d5bd6047.jpeg
imageaws.popin.cc/discovery/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/discovery/040a94bba50bc8499cd3cef0d5bd6047.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
fa3991df227d7f547b7528861dd99a5fdb9314489c75fd8792a508432cfd26a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:24 GMT
x-amz-version-id
pzbC3mihi1P_T8VLDVotLxz7dKg63QcB
Last-Modified
Mon, 13 Jun 2022 01:24:59 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"2cc9d46f9b7431109c96e0d571473608"
X-Cache-Status
HIT from 10.252.43.46
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47866
Expires
Thu, 31 Oct 2024 11:12:24 GMT
7555e65dc07d29ec44d9f67c66338dac.jpeg
imageaws.popin.cc/discovery/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/discovery/7555e65dc07d29ec44d9f67c66338dac.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
a501173f7a230581bab4ae0759806b9e40976e049d07522f3fe6d832d3194e07

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:24 GMT
x-amz-version-id
h2dKhmP3wIeUitqUaL4gmWuPBDHuODYN
Last-Modified
Mon, 13 Jun 2022 01:27:59 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"3b92ce9edcde69bb9b4ce415ef3d4081"
X-Cache-Status
HIT from 10.252.43.26
Content-Type
image/jpeg
Cache-Control
max-age=31536000, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25048
Expires
Thu, 31 Oct 2024 11:12:24 GMT
151fa0c0255c92a7bb1c5e82385d63ee.png
imageaws.popin.cc/ML/ 		186 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/ML/151fa0c0255c92a7bb1c5e82385d63ee.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
f2eb4da3652ed4a60bdc7aa946178d9d2d1145396f38f3c062c5968e28189678

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:25 GMT
x-amz-version-id
xw9y20YLDHAJMCpONIq4EXma0GLNZVBi
Last-Modified
Tue, 30 Aug 2022 02:35:41 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"151fa0c0255c92a7bb1c5e82385d63ee"
X-Cache-Status
HIT from 10.252.43.46
Content-Type
image/png
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
190343
Expires
Thu, 31 Oct 2024 11:12:25 GMT
acab061d798a5c59f44a254db0390877.jpeg
imageaws.popin.cc/discovery/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/discovery/acab061d798a5c59f44a254db0390877.jpeg
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6cd81aa7b1e816ffff309398e2d060ecd08214f1bb9bb2a4c489ffed0b812466

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:25 GMT
x-amz-version-id
uvQvzGob_0YN5RuDzszNHe07XdH8tlwv
Last-Modified
Mon, 13 Jun 2022 01:42:14 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"f8529e080d31d9f83804a5543e7b198c"
X-Cache-Status
HIT from 10.252.43.28
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61028
Expires
Thu, 31 Oct 2024 11:12:25 GMT
5ea5ed15bbad32fac9a8712f90d3200b.png
imageaws.popin.cc/ML/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/ML/5ea5ed15bbad32fac9a8712f90d3200b.png
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8a2ff2fc21835519556bcf2b3a9cca9361ba3f1e342a9b825ae59bf35759e591

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://news.heraldcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:25 GMT
x-amz-version-id
KgSY5DKnzr_Sxj17r7NFUnFIm2UeL.p6
Cross-Origin-Embedder-Policy
require-corp
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.43.26
x-amz-replication-status
REPLICA
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
93139
Last-Modified
Mon, 18 Sep 2023 08:10:54 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
ETag
"5ea5ed15bbad32fac9a8712f90d3200b"
Content-Type
image/png
Cache-Control
max-age=31536000, max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 31 Oct 2024 11:12:25 GMT
adBanner
www.mediacategory.com/servlet/ Frame B99D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
44e4c9d4adb96d543aa00b22b4e8d104082062254915f22dba2ff75f2097f938

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:23 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 768A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310300101&jk=3050975260255827&bg=!w8ClwI_NAAbo5yKYyOc7ADQBe5WfOINMWXHtcygy-PvlSTp38Ocg5fYrUbY7aGOEg8Mr9kwkTSxz9cdq9Ic3KdmA2i1KAgAAAWFSAAAABWgBB5kC8VUeswGRSX5vj_t4RJyvypa_jhuLUljwezKk_U8raykkMn8YoGiL2Rxa7rHG7bIOW0R2RCJD0Lval2nUeM1rnTCHNeKdC4djz-r4HdDfrzUyKtuIagEXljOOTE7A79nObRH4Hr_wFMkah4kj9DZ-olWNv6eu0VI-uRHzOuyfvkhWl9-2isjQPah-sUOjRyx8BrxXXFEsNQRp8Q-2mtCvkSYglvAfr5BnKsVhnPvuQRvwhjB5tPQ2Gp3DFnfHEJf3e9iMHOSia85w69CMCxlNOcaQ3cYeAgEO9Bjuc_Mb1A7dC7N-YFVh7Zwt6znw3j3n-DyNQeD3Qa0me4y_WdDUDXqFzNFvQKYq6p9NjNukeO19zsYzjuDi8Xpyy6qSBBt_x-yhM6KJNbPQrs3NRXDWOi38fTf8kt__9j_oqlxQtMdevNMwscwAVjE4j9p_anG-t_7vUidcBW0KIV-Ubt3HA0TROQp-B_v9R4xXTPNadwiHNdEmR7VRjmOb3I2nwcudWvVsw_cp4jLk6734FMuC4Wc-CRxJVHTT_ZdAV2iOUSNoKTK9_sRaZcbgOarHXZu0CBzjqdkXUG-a6QBoY4ZPRCYk6C7T-gV-2Qe1kSTqTk-JNg-9LYY4mCeyXgxkIVGTcYHa926txIHV8q7We7ElYOcq8ZycQR6PfvqD72-2sFndtS_zqpWHulYc-APaZxyXxc_crn-zKv_WXH3YBJEeK0-WtdCDPYAk89KH20yCtniDirbsefpsKlI8k4ASb-vvFl7_JybKuS9LDSLfIrw6gn_aobMzljo83_A62OjYwlfMjXeQyO0NdofCycleU3MA3LmicbGj9gjDeNlzVrh2jUuJlP3q65Wo-NT4mddKSt_DtccMoxlPdrGJDOLh3H-fg7NtCwGNIns4O2a_UfkGvwoeyjTPUWuXFLMSiUM4iCs5EBdpCE9rgBx77PhhAWQxXcZDoVz50pSMHoKfH9Az83xC0hrzIxa_W007NAds1B9qKQ
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
tend_child.js
js.ad4989.co.kr/common/js/ Frame EBD8 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend_child.js
Requested by
Host: engine.tend-table.com
URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//media.adpnut.com&lang=utf-8&tm=1698837142965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:22 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 10:01:26 GMT
accept-ranges
bytes
etag
"5e539ef6:1164"
content-length
4452
content-type
application/javascript
publishertag.js
static.criteo.net/js/ld/ Frame 793E 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&campaignid=02VB&gothrough=nextgrade&out=script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:23 GMT
syncframe
gum.criteo.com/ Frame 0EBF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adex.ednplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:23 GMT
server
Kestrel
server-processing-duration-in-ticks
839843
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 793E 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=779253949
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adex.ednplus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://adex.ednplus.com
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
publishertag.js
static.criteo.net/js/ld/ Frame B99D 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:23 GMT
sid
mug.criteo.com/ Frame 0EBF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=adex.ednplus.com&sn=ChromeSyncframe&so=0&topUrl=news.heraldcorp.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=m91ChnxTQkNqNzk1SU5aWVZBbUwxcjdRWkNuQk5LbG5NeTgvSEprcnN2TktaSnZ2UFZrcWo1djI1RHYyYUFDOEw5b2kzUHcrVFBXUWtNSUpEOEUwTUExQTBMV25rVVFlVXg3ZDMrcmN1YUJFT1k1am02L3A2THFETWtwTT...
422 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=m91ChnxTQkNqNzk1SU5aWVZBbUwxcjdRWkNuQk5LbG5NeTgvSEprcnN2TktaSnZ2UFZrcWo1djI1RHYyYUFDOEw5b2kzUHcrVFBXUWtNSUpEOEUwTUExQTBMV25rVVFlVXg3ZDMrcmN1YUJFT1k1am02L3A2THFETWtwTTBhdTJ2T1oyYTE3RS9YUEdNTW9NYVFocDJkM1B4Z1M0c2dVUXBuMEFJQVJFTHJCcWpuWDBWSVoySmd4aWVoZTJ6azNSNmtCZ0ZIclpKcVdIbXdLbDBEbDAvc0N1aDc4cTgwNEplbUdxTVh1MFQxYTJYejNsTmlYcC9zS3RUUit2MnBuRDl1blJuUFFnUWRIU3U4TDVxdVZFSjBGa3dGV2xUZFdlYm9NdHlCeGR6ejJScUUyRT18&cppv=2
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f6a429e9cdeccf63ddd42e07e7dc32cc70af5f09a4245898fcd2f0271ff0d14d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
837848
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=m91ChnxTQkNqNzk1SU5aWVZBbUwxcjdRWkNuQk5LbG5NeTgvSEprcnN2TktaSnZ2UFZrcWo1djI1RHYyYUFDOEw5b2kzUHcrVFBXUWtNSUpEOEUwTUExQTBMV25rVVFlVXg3ZDMrcmN1YUJFT1k1am02L3A2THFETWtwTTBhdTJ2T1oyYTE3RS9YUEdNTW9NYVFocDJkM1B4Z1M0c2dVUXBuMEFJQVJFTHJCcWpuWDBWSVoySmd4aWVoZTJ6azNSNmtCZ0ZIclpKcVdIbXdLbDBEbDAvc0N1aDc4cTgwNEplbUdxTVh1MFQxYTJYejNsTmlYcC9zS3RUUit2MnBuRDl1blJuUFFnUWRIU3U4TDVxdVZFSjBGa3dGV2xUZFdlYm9NdHlCeGR6ejJScUUyRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
252552
content-length
0
expires
0
PelicanC.dll
media.adpnut.com/cgi-bin/ Frame 3644 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&grade=3&out=script
Requested by
Host: news.heraldcorp.com
URL: http://news.heraldcorp.com/view.php?ud=20230803000456
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
df8ce2c35bd1b3b938cd7ac05c786104e1898738350e6fe579f390efed17f611

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
events
bidder.criteo.com/csm/ Frame 793E 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adex.ednplus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adex.ednplus.com
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 793E 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:23 GMT
pixel.gif
static.criteo.net/images/ Frame 793E 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&out=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:23 GMT
cdb
bidder.criteo.com/ Frame B99D 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=UxhoVV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnRmcVZEZVJiV2hUczNVVjFGRURNUDMwTzlJaVJMT2ZucE9ISGZnZFNtN3JpSVhFU0dBUFo2JTJCWnNLOTFCciUyQjBrV1ZzQWptbFg4eVB6SFVEaSUyRk15VU9IQ2dOU1BJdHElMkZaQXo0SkpoOFoyTEkyME9RNzYxTnlJcDVQWEYyJTJCczlCSUElM0QlM0Q&cb=47292217259
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
mobonLogo02.png
img.mobon.net/newAd/img/logoImg/ Frame 8270 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/newAd/img/logoImg/mobonLogo02.png
Requested by
Host: img.mobon.net
URL: https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:23 GMT
Last-Modified
Thu, 16 Aug 2018 00:58:34 GMT
Server
Apache
ETag
"10010c6-287-57382f14d9e5f"
X-Cache-Status
HIT, HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
647
20230817102902-FxPB1OEIF3-300x250.jpg
img.mobon.net/ad/imgfile// Frame 8270 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20230817102902-FxPB1OEIF3-300x250.jpg
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
562956aa7fef02724ab63cb7fc3dc1efac0cf8f48596137590fd89d367fa82fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 01:33:21 GMT
Server
Apache
ETag
"74bc9426-83c6-6031465bcd0b4"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
33088
300x250.png
img.mobon.net/servlet/image/mobon/ Frame 8270 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/servlet/image/mobon/300x250.png
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525253A%25252F%25252Fnews.heraldcorp.com%25252Fview.php%2525253Fud%2525253D20230803000456&s=837688&iwh=300_250&igb=74&cntad=1&cntsr=1&sslRedirect=Y&passback=iwmggno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
b68d22aa26dc4aed4c8216dbcb96e184fc1fb3c56bff363a2f8d462a97df5f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Sep 2023 07:30:47 GMT
Server
Apache
ETag
"10015de-a6dd-605d97876cea1"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
42429
syncframe
gum.criteo.com/ Frame 1DBC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:23 GMT
server
Kestrel
server-processing-duration-in-ticks
1340868
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
static.criteo.net/images/ Frame B99D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:23 GMT
pixel.gif
static.criteo.net/images/ Frame B99D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:23 GMT
adBanner
www.mediacategory.com/servlet/ Frame D61C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
cf28dac7b73694092e53718be143a009158d3f8390951ae720792ebe8aa3724b

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:23 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame B99D 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525253A%2525252525252F%2525252525252Fnews.heraldcorp.com%2525252525252Fview.php%252525252525253Fud%252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pelicanc.dll
ad.adinc.kr/cgi-bin/ Frame 80BF 		0
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837143688
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engine.tend-table.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:24 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
sid
mug.criteo.com/ Frame 1DBC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=UxhoVV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnRmcVZEZVJiV2hUczNVVj...
  • https://mug.criteo.com/sid?cpp=pf4TYXxhZHBtclRqd1hmZzY1OGZlWGJDM0Nzb1YrUTJUUTZHMzFpc2pQTlJteVM3ODdtYzgzS3p3bzNxNU5uVzF0U2xZZWtSMXVsbHE3UmtOVUZzTEpYS1pwWXJtRStnQUJhd2s3U2pBNVpjMWtvZ3l3bnFxaWM3VTdFbl...
435 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pf4TYXxhZHBtclRqd1hmZzY1OGZlWGJDM0Nzb1YrUTJUUTZHMzFpc2pQTlJteVM3ODdtYzgzS3p3bzNxNU5uVzF0U2xZZWtSMXVsbHE3UmtOVUZzTEpYS1pwWXJtRStnQUJhd2s3U2pBNVpjMWtvZ3l3bnFxaWM3VTdFblhSTUFzMTlFUmVoYXpmV3hjb09CWS9wUzBjK3FDV25oa3pQcjNOSnpJVGdjNnUxVGpBcWVwOHZicHBGRXQxTnNkcjlLckZkOU9Ra1JqaWpvVExNT1JIdzlvc0hMS0kvby91Ti9jdCtvM3AxNjVKVU5yQWJzdXdrelQwQ0wzQ3JhNkJnZkNQcS9oOXNpTW9RY3QxRUgwak1qcVJxODcrdFJhd0w0d01KcFpHbEVyV1p6T3FmaURPOElFRGo4Y1ZNeEZCZ21oa01iWXw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
311b37b61b45c3442ca1cd270367ac06330e8a05d850486a21d3bdf84a8d22ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1415311
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=pf4TYXxhZHBtclRqd1hmZzY1OGZlWGJDM0Nzb1YrUTJUUTZHMzFpc2pQTlJteVM3ODdtYzgzS3p3bzNxNU5uVzF0U2xZZWtSMXVsbHE3UmtOVUZzTEpYS1pwWXJtRStnQUJhd2s3U2pBNVpjMWtvZ3l3bnFxaWM3VTdFblhSTUFzMTlFUmVoYXpmV3hjb09CWS9wUzBjK3FDV25oa3pQcjNOSnpJVGdjNnUxVGpBcWVwOHZicHBGRXQxTnNkcjlLckZkOU9Ra1JqaWpvVExNT1JIdzlvc0hMS0kvby91Ti9jdCtvM3AxNjVKVU5yQWJzdXdrelQwQ0wzQ3JhNkJnZkNQcS9oOXNpTW9RY3QxRUgwak1qcVJxODcrdFJhd0w0d01KcFpHbEVyV1p6T3FmaURPOElFRGo4Y1ZNeEZCZ21oa01iWXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
255749
content-length
0
expires
0
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame EBD8 		79 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=REF&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&query=&lang=utf-8&cookieval=&tm=1698837143710&jquerycallback=foinCookie.setReferrer_local
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//media.adpnut.com&lang=utf-8&tm=1698837142965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:24 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
pelicanc.dll
ad.adinc.kr/cgi-bin/ Frame 3D9D 		0
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837143712
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engine.tend-table.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:24 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
1661755035456.jpg
cdn14.ad4989.co.kr/03_iP/0LN_n/ Frame E394 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn14.ad4989.co.kr/03_iP/0LN_n/1661755035456.jpg
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u3&out=iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.151.94.210 Gwangmyeong, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx /
Resource Hash
0f2d34af7d66d69e53220ba4484dfad5010298364c02f9971334cac901b5d605

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:24 GMT
Date
Wed, 01 Nov 2023 11:12:24 GMT
Last-Modified
Tue, 28 Feb 2023 02:58:22 GMT
Server
nginx
ETag
"63fd6dce-1d2c9"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
119497
X-Proxy-Cache
HIT
tend.js
js.ad4989.co.kr/common/js/ Frame E394 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u3&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
28111c7575694f5e2a43dcb834714358e67fe91c05572c6f28b64ce176042561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges
bytes
etag
"616fc340:2272"
content-length
8818
content-type
application/javascript
1660636818870.jpg
cdn10.ad4989.co.kr/03_iP/0LN_n/ Frame EFF6 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.ad4989.co.kr/03_iP/0LN_n/1660636818870.jpg
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u2&out=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
220.117.190.150 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
e91ffc0c20afcae1d57a881e772b3871019e1aa12a9b44575f06411d21972bb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:24 GMT
Date
Wed, 01 Nov 2023 11:12:24 GMT
Last-Modified
Tue, 28 Feb 2023 02:58:22 GMT
Server
nginx
ETag
"63fd6dce-6661"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
26209
X-Proxy-Cache
HIT
tend.js
js.ad4989.co.kr/common/js/ Frame EFF6 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u2&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
28111c7575694f5e2a43dcb834714358e67fe91c05572c6f28b64ce176042561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges
bytes
etag
"616fc340:2272"
content-length
8818
content-type
application/javascript
1666083357221.PNG
cdn3.ad4989.co.kr/03_iP/0LKM/ Frame A772 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn3.ad4989.co.kr/03_iP/0LKM/1666083357221.PNG
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u4&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
579fbaf998be766e286fa419db953110096619c6f2aab3585931b35ac1d8d543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Tue, 28 Feb 2023 02:58:27 GMT
accept-ranges
bytes
etag
"63fd6dd3:9404"
content-length
37892
content-type
image/png
tend.js
js.ad4989.co.kr/common/js/ Frame A772 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u4&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
28111c7575694f5e2a43dcb834714358e67fe91c05572c6f28b64ce176042561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges
bytes
etag
"616fc340:2272"
content-length
8818
content-type
application/javascript
1688104154403.jpg
cdn10.ad4989.co.kr/03_iP/0LKM/ Frame E006 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.ad4989.co.kr/03_iP/0LKM/1688104154403.jpg
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u7&out=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
220.117.190.150 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
c84277f8192944e3a010d4f824a88b7f46ed9170bbf07023e36894bdc707a91d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Fri, 01 Dec 2023 11:12:24 GMT
Date
Wed, 01 Nov 2023 11:12:24 GMT
Last-Modified
Fri, 27 Oct 2023 07:01:12 GMT
Server
nginx
ETag
"653b6038-68b1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
26801
X-Proxy-Cache
HIT
tend.js
js.ad4989.co.kr/common/js/ Frame E006 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u7&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
28111c7575694f5e2a43dcb834714358e67fe91c05572c6f28b64ce176042561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges
bytes
etag
"616fc340:2272"
content-length
8818
content-type
application/javascript
1666341842277.jpg
cdn1.ad4989.co.kr/03_iP/0LN_n/ Frame E1C8 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.ad4989.co.kr/03_iP/0LN_n/1666341842277.jpg
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u8&out=iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.102.220.23 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
DaouIDC /
Resource Hash
6dcceeaef3796ce9af96dc3ed98de928232ff01342c9f03fce4185dc6555d671

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:25 GMT
Last-Modified
Tue, 28 Feb 2023 02:58:22 GMT
Server
DaouIDC
Connection
close
Accept-Ranges
bytes
Content-Length
81699
Content-Type
image/jpeg
tend.js
js.ad4989.co.kr/common/js/ Frame E1C8 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend.js
Requested by
Host: ad.adinc.kr
URL: https://ad.adinc.kr/cgi-bin/PelicanC.dll?impr?pageid=08u8&out=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
28111c7575694f5e2a43dcb834714358e67fe91c05572c6f28b64ce176042561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.adinc.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges
bytes
etag
"616fc340:2272"
content-length
8818
content-type
application/javascript
ad
dsp.mobwithad.com/v1/ Frame 1529 		607 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
3eb8bbfa9883e21da5e5128fa1d9965d27053bd8cb9e22529885be8b3ecfb609

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525253A%252525252525252F%252525252525252Fnews.heraldcorp.com%252525252525252Fview.php%25252525252525253Fud%25252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:23 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
jquery-1.12.3.min.js
js.ad4989.co.kr/common/jquery/ Frame 3644 		95 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/jquery/jquery-1.12.3.min.js
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&grade=3&out=script
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2016 01:14:57 GMT
accept-ranges
bytes
etag
"57328791:a96f"
content-length
43375
content-type
application/javascript
powered_by_adpnut_off.jpg
js.ad4989.co.kr/etc/adpnut/image/ Frame 3644 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.ad4989.co.kr/etc/adpnut/image/powered_by_adpnut_off.jpg
Requested by
Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=045P&lang=utf-8&grade=3&out=script
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
a44f20ddc0e594e0197b44c83e1ec83607640b8c5cee76e44fc57678c3afaa4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:23 GMT
last-modified
Tue, 11 Dec 2018 04:41:23 GMT
accept-ranges
bytes
etag
"5c0f3ff3:3381"
content-length
13185
content-type
image/jpeg
pelicanc.dll
media.adpnut.com/cgi-bin/ Frame 714F 		0
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.adpnut.com/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837144497
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engine.tend-table.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:25 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
adBanner
www.mediacategory.com/servlet/ Frame 6D25 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
ed9127a490966bc0fa00458289c14693d4bc62745f5e707728114b4194f72e20

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:24 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 6D25 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:24 GMT
cdb
bidder.criteo.com/ Frame 6D25 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=pMSG4V9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmh0QnIyQ1JtTFozbXZ3Q1BUMXV1OVMyVyUyRm5lVTdaZ2syd3lPc0tLb3l6UWw1Nk1oZks0ZE44OVMxekM2V2ZTSVByQ3dINXZjRkxLUVAzaEVtWHNUV21YN0E0JTJCS2RsMSUyRlYlMkJibWlPd2IzQjViSnBEeUtTZEhIRk5VY01HUVlwRDBnJTNEJTNE&cb=10741375745
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 5CA7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:24 GMT
server
Kestrel
server-processing-duration-in-ticks
1000455
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adBanner
www.mediacategory.com/servlet/ Frame 03CE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
edd7eb8401a6944536117777a31c5b5ec69c46e6a55a7ec1bb692a0fe7b14465

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:24 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 6D25 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 6D25 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:24 GMT
pixel.gif
static.criteo.net/images/ Frame 6D25 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525253A%25252525252525252F%25252525252525252Fnews.heraldcorp.com%25252525252525252Fview.php%2525252525252525253Fud%2525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:24 GMT
sid
mug.criteo.com/ Frame 5CA7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=pMSG4V9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmh0QnIyQ1JtTFozbXZ3Q1...
  • https://mug.criteo.com/sid?cpp=8rHZ63wyYTVGMGFNUk8rbzhSY2hrZVhST2l2bitiM0JXZy85ZEVYYnZjVkxzY0t2VXJENDYwS21ZTWRjY0xoaVh5WjBJazN3ZEhaU0J5K0cxSHhrdWVscGl6UStJQ2dtMlBiWUN3aStnZVFZSExscUNaMnlqdWZVZHlsV0...
444 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8rHZ63wyYTVGMGFNUk8rbzhSY2hrZVhST2l2bitiM0JXZy85ZEVYYnZjVkxzY0t2VXJENDYwS21ZTWRjY0xoaVh5WjBJazN3ZEhaU0J5K0cxSHhrdWVscGl6UStJQ2dtMlBiWUN3aStnZVFZSExscUNaMnlqdWZVZHlsV090M004RmlTcjl1c3lzKys4eGRwODBqWmRRMjBwek9XT1FnUTJ5YnBSZ3lQakZ0ZzJvV0JITTYrZ1NtajRYT1dTOThFS2h1dWNOdzNoNzl6NEFQcWxyV1N5amJITXg2NWdoNTlQT2RsYnRERGpBSHBZOHBYVXc4b3psLzFUNXl3OWhYNkZ5cGpjUkpnR2ZYY1o2WXVJNTFHck55N3NXMG5kcEJXVzFHSXN1Y3AxVHEzVjVSVTVwSGtINmF1STl3UitVcE8wa05iS3w&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69610061606ef4c6a3d43002ecfc4ab5d6505b76c17872501277ea4aafb9d0e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
755414
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=8rHZ63wyYTVGMGFNUk8rbzhSY2hrZVhST2l2bitiM0JXZy85ZEVYYnZjVkxzY0t2VXJENDYwS21ZTWRjY0xoaVh5WjBJazN3ZEhaU0J5K0cxSHhrdWVscGl6UStJQ2dtMlBiWUN3aStnZVFZSExscUNaMnlqdWZVZHlsV090M004RmlTcjl1c3lzKys4eGRwODBqWmRRMjBwek9XT1FnUTJ5YnBSZ3lQakZ0ZzJvV0JITTYrZ1NtajRYT1dTOThFS2h1dWNOdzNoNzl6NEFQcWxyV1N5amJITXg2NWdoNTlQT2RsYnRERGpBSHBZOHBYVXc4b3psLzFUNXl3OWhYNkZ5cGpjUkpnR2ZYY1o2WXVJNTFHck55N3NXMG5kcEJXVzFHSXN1Y3AxVHEzVjVSVTVwSGtINmF1STl3UitVcE8wa05iS3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
299210
content-length
0
expires
0
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame 5034 		551 B
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837145014
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6b3cbe189743a8e5fc4bb15ef45a2f7ea9a1bfce44473a3470bf68cc4e95517e

Request headers

Referer
https://ad.adinc.kr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Date
Wed, 01 Nov 2023 11:12:25 GMT
Server
Microsoft-IIS/10.0
ad
dsp.mobwithad.com/v1/ Frame 0216 		631 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
4023c192a75862ff2207255512ac50eca7ee85ed34ce54e9adb8397245ce0794

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525253A%2525252525252525252F%2525252525252525252Fnews.heraldcorp.com%2525252525252525252Fview.php%252525252525252525253Fud%252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 09D9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
27702dba82e9ac8c815d6ff0e6bdc6506532b9036c99f5cbcb0c63b9f26c95d0

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:26 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
tend_child.js
js.ad4989.co.kr/common/js/ Frame 5034 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad4989.co.kr/common/js/tend_child.js
Requested by
Host: engine.tend-table.com
URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837145014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.235.211.26 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software
/
Resource Hash
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:24 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 10:01:26 GMT
accept-ranges
bytes
etag
"5e539ef6:1164"
content-length
4452
content-type
application/javascript
5fe005ab9ce5d551195849
dspserver.adpnut.com/ron/jsonp/ Frame 3644 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspserver.adpnut.com/ron/jsonp/5fe005ab9ce5d551195849?callback=jQuery112305828782488836344_1698837146095&_=1698837146096
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/jquery/jquery-1.12.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.202.160.93 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-202-160-93.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8b10e9954ecb4e5b3124a1256d19fff234766754d9a3dabbec15a2f218f80545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Wed, 01 Nov 2023 11:12:27 GMT
date
Wed, 01 Nov 2023 11:12:27 GMT
cache-control
no-cache="set-cookie"
content-type
application/json
server
nginx/1.18.0
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame 5034 		79 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=REF&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&query=&lang=utf-8&cookieval=&tm=1698837146145&jquerycallback=foinCookie.setReferrer_local
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cDovL25ld3MuaGVyYWxkY29ycC5jb20v&inflow=&adurl=//ad.adinc.kr&lang=utf-8&tm=1698837145014
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Date
Wed, 01 Nov 2023 11:12:26 GMT
Cache-Control
no-cache
Server
Microsoft-IIS/10.0
Connection
close
Content-type
text/html
publishertag.js
static.criteo.net/js/ld/ Frame 09D9 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:26 GMT
cdb
bidder.criteo.com/ Frame 09D9 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=RpwuLV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnNyJTJCM2pqOGxrN3dsekJHeTlOMFFGZmlIJTJGUlZLak9UVGZNMUdMazFYMkklMkZKJTJGNGJHYTVoZFglMkZ1ZkVVQ2YlMkJzc1p1Z05xZFdhOVR6bDQxUGVwbHg0Q0lKQ0YxQVhJVkNHV0o1WjhtZjk4eUd0Nno5RVA5cEloRXRaaWxtTkZPejlJUSUzRCUzRA&cb=37039879029
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:26 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 4B67 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:26 GMT
server
Kestrel
server-processing-duration-in-ticks
861989
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adBanner
www.mediacategory.com/servlet/ Frame 7A41 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
b1c7cd994a3c3ee573fc0a7c8b34fd7fff72081387dd843cd2248529c3a97928

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:26 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 09D9 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:26 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 09D9 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:26 GMT
pixel.gif
static.criteo.net/images/ Frame 09D9 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525253A%252525252525252525252F%252525252525252525252Fnews.heraldcorp.com%252525252525252525252Fview.php%25252525252525252525253Fud%25252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:26 GMT
pelicanc.dll
ad.adinc.kr/cgi-bin/ Frame 61F0 		0
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adinc.kr/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1698837146834
Requested by
Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engine.tend-table.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-type
text/html
Date
Wed, 01 Nov 2023 11:12:27 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma
no-cache
Server
Microsoft-IIS/10.0
sid
mug.criteo.com/ Frame 4B67
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=RpwuLV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnNyJTJCM2pqOGxrN3dsek...
  • https://mug.criteo.com/sid?cpp=dlL8n3wwSS94TFJaOWJkQkVlZlRNRnBIV0w5bGM4aU8xbzNDR3o0aEZWZCsvK05BQ2paZTFvaTU4anhmWWt5Ymh3Y3dkd0JHM0pIUmR2UGVES0p1bWtyRXlKdDIzT0lMSy82bUtKV21CTEFRekIxYWlPSVdDYTFCUjRZcV...
436 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dlL8n3wwSS94TFJaOWJkQkVlZlRNRnBIV0w5bGM4aU8xbzNDR3o0aEZWZCsvK05BQ2paZTFvaTU4anhmWWt5Ymh3Y3dkd0JHM0pIUmR2UGVES0p1bWtyRXlKdDIzT0lMSy82bUtKV21CTEFRekIxYWlPSVdDYTFCUjRZcVk4SkFRc3VkaTFVMzc1K0FRWkwrR01YZW1VbVN4REpBWW1YRVhqSWpianZTOXZyb2JpVlhXUWRkYTBoSzZpemRLajlSb0szcVNXbStFSEtwaG9MNjVyaGN2VFk4MnhZSUVHb1gvbmRKV09GMHE3dTlxVjlub2w3Kzdmc1l3YlhaVlFLOWlhckRMempqWEVEZ0czNHdSdlNjSFI3SldLSGl2SUZHRmRHZXN6TzNTdkg3dmVVYjhpdlhtUVR6eXZDbTZuemQ4SVpDWnw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1b448edc0cdf3573cc0a8c5e2f56f7d3df9b3c7c84f0f6091aa9b13ae0279c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
801283
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=dlL8n3wwSS94TFJaOWJkQkVlZlRNRnBIV0w5bGM4aU8xbzNDR3o0aEZWZCsvK05BQ2paZTFvaTU4anhmWWt5Ymh3Y3dkd0JHM0pIUmR2UGVES0p1bWtyRXlKdDIzT0lMSy82bUtKV21CTEFRekIxYWlPSVdDYTFCUjRZcVk4SkFRc3VkaTFVMzc1K0FRWkwrR01YZW1VbVN4REpBWW1YRVhqSWpianZTOXZyb2JpVlhXUWRkYTBoSzZpemRLajlSb0szcVNXbStFSEtwaG9MNjVyaGN2VFk4MnhZSUVHb1gvbmRKV09GMHE3dTlxVjlub2w3Kzdmc1l3YlhaVlFLOWlhckRMempqWEVEZ0czNHdSdlNjSFI3SldLSGl2SUZHRmRHZXN6TzNTdkg3dmVVYjhpdlhtUVR6eXZDbTZuemQ4SVpDWnw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
286259
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame 51FF 		655 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
6dbd5c0a9a49bc41af2653bb36183555cf9c84c08a9cf59519bccd065e4e55ab

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525253A%25252525252525252525252F%25252525252525252525252Fnews.heraldcorp.com%25252525252525252525252Fview.php%2525252525252525252525253Fud%2525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:26 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
acb00524ec373c32fe8d66ae26e7303a.jpg
img.adpnut.com/creative/ Frame 3644 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpnut.com/creative/acb00524ec373c32fe8d66ae26e7303a.jpg
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/yyBcFS3k/passback?r=0.830976962889852&xcg=c3WzDNXEQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
nginx /
Resource Hash
795dc6195e36c718bf4a8fe0794bb7126fc54468649fb7f2a90f45b25df23989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:26 GMT
Last-Modified
Wed, 11 Oct 2023 05:39:50 GMT
Server
nginx
ETag
"65263526-b5c6"
X-Cache-Status
HIT, HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
46534
b1da64b678273b30c1b328da526dcb69.jpg
img.adpnut.com/creative/ Frame 3644 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpnut.com/creative/b1da64b678273b30c1b328da526dcb69.jpg
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/yyBcFS3k/passback?r=0.830976962889852&xcg=c3WzDNXEQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
nginx /
Resource Hash
c2350557e6bbc4811dd8a9443af0971ccf3f7a75b061f811895ca99205b4338d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:26 GMT
Last-Modified
Thu, 20 Apr 2023 23:49:46 GMT
Server
nginx
ETag
"6441cf9a-b7a1"
X-Cache-Status
HIT, HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
47009
d5f2cc18dcc3874a6460b94bf9f0dd72.jpg
img.adpnut.com/creative/ Frame 3644 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpnut.com/creative/d5f2cc18dcc3874a6460b94bf9f0dd72.jpg
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/yyBcFS3k/passback?r=0.830976962889852&xcg=c3WzDNXEQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3df8ce96d6a9012ef555f4754564b8f75b94c5d222f5852ca1d4c447d622767

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:26 GMT
Last-Modified
Wed, 13 Sep 2023 05:35:20 GMT
Server
nginx
ETag
"65014a18-a118"
X-Cache-Status
HIT, HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
41240
752912bbf98f0c2bb32ff92cdf517fb5.jpg
img.adpnut.com/creative/ Frame 3644 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpnut.com/creative/752912bbf98f0c2bb32ff92cdf517fb5.jpg
Requested by
Host: adex.ednplus.com
URL: https://adex.ednplus.com/xc/h/yyBcFS3k/passback?r=0.830976962889852&xcg=c3WzDNXEQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
nginx /
Resource Hash
0709bb6d037d4c1d612586091719a490cb807b9091c23050df2d7280a936897b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adex.ednplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 11:12:26 GMT
Last-Modified
Mon, 18 Sep 2023 07:49:15 GMT
Server
nginx
ETag
"650800fb-735c"
X-Cache-Status
MISS, HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
29532
adBanner
www.mediacategory.com/servlet/ Frame C1E8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
64f8b8509abe7b83b0844368c9f7f1c9949f619c954bfa60edd36f482dfa9c4f

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:27 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame C1E8 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:27 GMT
cdb
bidder.criteo.com/ Frame C1E8 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=BK1fY19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm5RamcwciUyRk81U2dQV1pHclRFVUo3V0VoM0pxNDVNNWd6aVNsJTJGSThJJTJCZmFHOXFzZXpUVEU3Y1hKeUg0TXBJZjc5MUgyc29TMHVZUHlaMUhENWdNSFFpWXlnTGFQd1dHbzR0TmdiSjg1eGVVSzltblhveG9MQVR2aHRFN0c1WHoyUSUzRCUzRA&cb=10985335170
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame C66D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:27 GMT
server
Kestrel
server-processing-duration-in-ticks
894831
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame C66D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=BK1fY19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm5RamcwciUyRk81U2dQV1...
  • https://mug.criteo.com/sid?cpp=kE77inwwT3VCUWlMazQxQnV6V05mWW56bjFBanlvMy9uc0xRRHJROTQ0MHFFY1pPWUxaRUdHNmROUlUzZ1VOV2VrMkhCaXlDRVFHQzZMVnNNOWlxM3oyTmpGOC9DdzlIN3h2dnpZYlovV2czcjY5R1VQY29Oc3lmM1ZWUm...
444 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kE77inwwT3VCUWlMazQxQnV6V05mWW56bjFBanlvMy9uc0xRRHJROTQ0MHFFY1pPWUxaRUdHNmROUlUzZ1VOV2VrMkhCaXlDRVFHQzZMVnNNOWlxM3oyTmpGOC9DdzlIN3h2dnpZYlovV2czcjY5R1VQY29Oc3lmM1ZWUmFrME50dE1CS01IVHNvay8yVllreE1DaUFtMkNzMVdNRGlnS0kzV200ay9vdUt6aXV2dXE0Z2llZEtGaTVDMHNWK01kdk5qY05DcnoxZTR0VzFJZnRJRk0vaXJ1eFVmMVRUSUdtMnd0RGI2UWEzSFRVdE1ISkpZUHVxdmNqZTlmWkMrNFVOZGVTOFFlZmdWUkVJTWZkMG82YVZhWksxTWlDRjBONDExcm1yZTJNNHBScEN2REF1K1VHR1ArVU5IdE5hVGtRZ1RSVHw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9fc581d25f1e0426d0a98497080fc16a9f9a7439015698cd7203abe3aaae9bbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
674340
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kE77inwwT3VCUWlMazQxQnV6V05mWW56bjFBanlvMy9uc0xRRHJROTQ0MHFFY1pPWUxaRUdHNmROUlUzZ1VOV2VrMkhCaXlDRVFHQzZMVnNNOWlxM3oyTmpGOC9DdzlIN3h2dnpZYlovV2czcjY5R1VQY29Oc3lmM1ZWUmFrME50dE1CS01IVHNvay8yVllreE1DaUFtMkNzMVdNRGlnS0kzV200ay9vdUt6aXV2dXE0Z2llZEtGaTVDMHNWK01kdk5qY05DcnoxZTR0VzFJZnRJRk0vaXJ1eFVmMVRUSUdtMnd0RGI2UWEzSFRVdE1ISkpZUHVxdmNqZTlmWkMrNFVOZGVTOFFlZmdWUkVJTWZkMG82YVZhWksxTWlDRjBONDExcm1yZTJNNHBScEN2REF1K1VHR1ArVU5IdE5hVGtRZ1RSVHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
289753
content-length
0
expires
0
pixel.gif
static.criteo.net/images/ Frame C1E8 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:27 GMT
pixel.gif
static.criteo.net/images/ Frame C1E8 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:27 GMT
adBanner
www.mediacategory.com/servlet/ Frame 955A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
e59a5be1286a252228cfde6cfdb37bca03bfbaf8b7f0208b2268e9b11e122457

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:27 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame C1E8 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252Fview.php%252525252525252525252525253Fud%252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ad
dsp.mobwithad.com/v1/ Frame 3332 		679 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
0cabc1e0ca89c6cdae29db406b0fc85888025b08d0f8d8d45d2ee04d034222c8

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252Fview.php%25252525252525252525252525253Fud%25252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:27 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 1E66 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
ccdfd765ba0dec5d4f4e8c8dba1059533809683f12e8867f4e174e67e85e3f1b

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:28 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 1E66 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:28 GMT
cdb
bidder.criteo.com/ Frame 1E66 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=2V0whV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmd6ZjNWcmhmQVZhWVdYNE5Dd0dyU24lMkZOWGt3RHBoQWo3NFhFTEVFWiUyRjRHejE5V0YxM01EMkdDRElOVGdMUndVQ3NBdXoyeCUyQmdiMVNnRSUyRlA3Sjc4YVZmd1hVbHhzNjlWc01hck1QaDBoQSUyQkx5QkUlMkZ1ZCUyRkR4aWNLSDc1d0tHJTJCTHclM0QlM0Q&cb=36305034652
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:28 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 44F1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:28 GMT
server
Kestrel
server-processing-duration-in-ticks
778935
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adBanner
www.mediacategory.com/servlet/ Frame 97AC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
a3c17f4b4caa3ba4dacd5531ba39192ed3ca7eff3faca62ddd24c9cc103eaead

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:28 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 1E66 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:28 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 1E66 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:28 GMT
pixel.gif
static.criteo.net/images/ Frame 1E66 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252Fview.php%2525252525252525252525252525253Fud%2525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:28 GMT
sid
mug.criteo.com/ Frame 44F1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=2V0whV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmd6ZjNWcmhmQVZhWVdYNE...
  • https://mug.criteo.com/sid?cpp=aDscQXwvVndnVTFYckZCSjZWSmtBK1NNTXZNK3cwdFdJY1duTXdJekdwbElOMUFLOVRCY0hTSHdLZVgyT3AwV3FRdUswREZuNm1KRTJxaVkzVkw5K3Vibjlqais1NTVLZG9mVGJtSHlka0U5VFg5cWt3d3V3RWFtZWtrWj...
441 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aDscQXwvVndnVTFYckZCSjZWSmtBK1NNTXZNK3cwdFdJY1duTXdJekdwbElOMUFLOVRCY0hTSHdLZVgyT3AwV3FRdUswREZuNm1KRTJxaVkzVkw5K3Vibjlqais1NTVLZG9mVGJtSHlka0U5VFg5cWt3d3V3RWFtZWtrWjJNY2diYWJuK004dWtnaTNCWTBkVUtEMVhpZW1wWWlrQjRrVVFsNkdEQkt4NEtab3A2Z002SC8wRkFldFFZSU1pSEsxdENDYVZISWJnNHBwODUxOUk3ckhGampWdUJxVnBLamcralludGMxTnI4S3VjNVB1Y3dWcExhbmZQT0llT3RubW5OTDd2VG5ORmxRdHVEWjdvTmttbit2eE0wNytXS0JVQStJMmZMWlRvQmlkWkgwNW03Uko0MVozd0lRNEFGOVpESlNaQ3w&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a6727220eb461ba931615e3fe229bd7302899dae8b4884ce466b5f1a1cfb38e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
895360
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=aDscQXwvVndnVTFYckZCSjZWSmtBK1NNTXZNK3cwdFdJY1duTXdJekdwbElOMUFLOVRCY0hTSHdLZVgyT3AwV3FRdUswREZuNm1KRTJxaVkzVkw5K3Vibjlqais1NTVLZG9mVGJtSHlka0U5VFg5cWt3d3V3RWFtZWtrWjJNY2diYWJuK004dWtnaTNCWTBkVUtEMVhpZW1wWWlrQjRrVVFsNkdEQkt4NEtab3A2Z002SC8wRkFldFFZSU1pSEsxdENDYVZISWJnNHBwODUxOUk3ckhGampWdUJxVnBLamcralludGMxTnI4S3VjNVB1Y3dWcExhbmZQT0llT3RubW5OTDd2VG5ORmxRdHVEWjdvTmttbit2eE0wNytXS0JVQStJMmZMWlRvQmlkWkgwNW03Uko0MVozd0lRNEFGOVpESlNaQ3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
288892
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame 45F5 		703 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
4402ab5e282d1b8bfe2167e243edf3310688af11ad31938011823e4ae955f3e2

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252Fview.php%252525252525252525252525252525253Fud%252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:28 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 365F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
95dd4923b11cbc294221a287e1c5d443debc58a2ba6a07d077eb34efd4edf521

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:29 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 365F 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:29 GMT
cdb
bidder.criteo.com/ Frame 365F 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=1wlyz19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmpSUEJYTiUyRkN6TFZCJTJCRVUxNXJzd2hzdDJ5dWtnejJtOVN1M2F3SThOaVFNMGdkcUVoNyUyRlloUFQxU3BySVVDcXQ2aXNmT1hOMjRrRUQlMkJYYzNpb1cyaHBLSGMlMkZ1ZnF6NmpoTUUlMkJxekZGUDNvUlMlMkZjOGJMUUVuRjg4RWk3dmlmeW9nJTNEJTNE&cb=45812795269
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:29 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 9298 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:29 GMT
server
Kestrel
server-processing-duration-in-ticks
858503
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
static.criteo.net/images/ Frame 365F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:29 GMT
pixel.gif
static.criteo.net/images/ Frame 365F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:29 GMT
adBanner
www.mediacategory.com/servlet/ Frame 9CFC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
120593a6fc32eeebee6b7ba5c6c4a6cb2e0a0e38c9827ee8ba92521ee2344680

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:29 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 365F 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252Fview.php%25252525252525252525252525252525253Fud%25252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:29 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 9298
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=1wlyz19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmpSUEJYTiUyRkN6TFZCJT...
  • https://mug.criteo.com/sid?cpp=LoECwHxSQVVIZFdMVnYxWXk0cm5OS0JzaGgxS1BJSmdOQS8wclR4N3IxbEY5eUsvbmRoZXd3b1AzMUNlTURlc3BZdVE4cEdLWWw0dk1LbWNZUlFYT01HMmhqNzRjZkxpZU1RSVRyNFFMMHJzdjkveHo2MThrTDZDMWlmUH...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LoECwHxSQVVIZFdMVnYxWXk0cm5OS0JzaGgxS1BJSmdOQS8wclR4N3IxbEY5eUsvbmRoZXd3b1AzMUNlTURlc3BZdVE4cEdLWWw0dk1LbWNZUlFYT01HMmhqNzRjZkxpZU1RSVRyNFFMMHJzdjkveHo2MThrTDZDMWlmUHFNYThwVjJLakFCTllMQUt3aVAzSUUveDRSMGEzQnZOQXRKSEx1OW9XZDdLcnJWd1JoN0cydk5VTWV5a2prU3RNM1BOUmxWWGpROE1wVnpGVnluaEMvYjN3NS9OdUJVcW01bVpRU1ZCbU5teGN0L3FBTkNBSEZjVVBnSFF4SVZjN2dKbXR1QkN6TFdrbi9WQW41d0pHRWFmUk5xdlRYM2dYa0MycCtxdVR6bndZci9hWXdrekY2MkZHcXFUOU11a0NQdHJrUG5qeHw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b572cf9e0a4c5b883208ba60d1e830cc4a72cbcf530a6b9c57316cf9a5a322b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
709227
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LoECwHxSQVVIZFdMVnYxWXk0cm5OS0JzaGgxS1BJSmdOQS8wclR4N3IxbEY5eUsvbmRoZXd3b1AzMUNlTURlc3BZdVE4cEdLWWw0dk1LbWNZUlFYT01HMmhqNzRjZkxpZU1RSVRyNFFMMHJzdjkveHo2MThrTDZDMWlmUHFNYThwVjJLakFCTllMQUt3aVAzSUUveDRSMGEzQnZOQXRKSEx1OW9XZDdLcnJWd1JoN0cydk5VTWV5a2prU3RNM1BOUmxWWGpROE1wVnpGVnluaEMvYjN3NS9OdUJVcW01bVpRU1ZCbU5teGN0L3FBTkNBSEZjVVBnSFF4SVZjN2dKbXR1QkN6TFdrbi9WQW41d0pHRWFmUk5xdlRYM2dYa0MycCtxdVR6bndZci9hWXdrekY2MkZHcXFUOU11a0NQdHJrUG5qeHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
368689
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame CA07 		727 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
988227fc94681ea077597aa22047ecc2e218faa2c66c61bb02b562e5f129f97f

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252Fview.php%2525252525252525252525252525252525253Fud%2525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:29 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 0A4B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
da89c24c1ea4cb1cd2cf082f59934229eeb0a17bc0b417f863b78c0051677423

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:30 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 0A4B 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:30 GMT
cdb
bidder.criteo.com/ Frame 0A4B 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=z9rur19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnJISnIySDZLZHNmZUpBVURuZTVkZEtUc2JVS001S0M5a2xiSWElMkZhRTNua01Qa1NMYldJdmEyZmlHbGxaN2toQ1dqWkk1T1U0VFl5TnRDVkp4aWdiRWRCZ3d6Zmp6eHh6NVZpUm93N2Q2WHlVVmhkJTJCRk9WVVVBMXd1cFBTWG55eWclM0QlM0Q&cb=63380395257
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame ECEA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:29 GMT
server
Kestrel
server-processing-duration-in-ticks
779243
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
static.criteo.net/images/ Frame 0A4B 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:30 GMT
pixel.gif
static.criteo.net/images/ Frame 0A4B 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:30 GMT
adBanner
www.mediacategory.com/servlet/ Frame C4A0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
fc01b80911d4def44cec532d2fe211a711b9ec99e2c2a8bfead58aa0f7bbe759

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:30 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 0A4B 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525253Fud%252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame ECEA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=z9rur19TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnJISnIySDZLZHNmZUpBVU...
  • https://mug.criteo.com/sid?cpp=iX8E6Xx0QkVOYjhrL1Y3VUQ3cjRzbjhTdEdKOWZPUkcxdWpQYk45cnRQOXVUUVR3NTdFUkFZbFVKaDl6Slc0ZG5wK0dMOUQwY1RxSjNKUHNidjBUd0JoRFBUMjBxUFJWTHZYcUhaL2JvN2lnNzUrMTA1UDk2VWVXR2cxQT...
422 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iX8E6Xx0QkVOYjhrL1Y3VUQ3cjRzbjhTdEdKOWZPUkcxdWpQYk45cnRQOXVUUVR3NTdFUkFZbFVKaDl6Slc0ZG5wK0dMOUQwY1RxSjNKUHNidjBUd0JoRFBUMjBxUFJWTHZYcUhaL2JvN2lnNzUrMTA1UDk2VWVXR2cxQTJ3UktoSXRGLzF3aWczc2MvUjhJWkRDSlBaUVl1K3U3K0l1M1IyL0FtZ3F0YVBBaDJxUG85YlhRcWwzVzVYSjBKeEtlQWJ1bnNVYy9LVTZMcUUwVmRvRGlqcWdpalV6NDRUZDcrSDJJL3JtYk91V0szMFF5UkQ2WDRNMGdON1RJVHpQdjducVJDWXpPOWFuRkJCY2VPZEtQc09HdE8wQjlnNkJXWjduY0trN2FXYXNaeWVNZ1ZyYkRYbTMwbWx0eld5TkFLSytxUHw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
335acf998d169ea78ac648080598f173f1db2e5fd82290e0cd083e1cc21f2780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1222709
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=iX8E6Xx0QkVOYjhrL1Y3VUQ3cjRzbjhTdEdKOWZPUkcxdWpQYk45cnRQOXVUUVR3NTdFUkFZbFVKaDl6Slc0ZG5wK0dMOUQwY1RxSjNKUHNidjBUd0JoRFBUMjBxUFJWTHZYcUhaL2JvN2lnNzUrMTA1UDk2VWVXR2cxQTJ3UktoSXRGLzF3aWczc2MvUjhJWkRDSlBaUVl1K3U3K0l1M1IyL0FtZ3F0YVBBaDJxUG85YlhRcWwzVzVYSjBKeEtlQWJ1bnNVYy9LVTZMcUUwVmRvRGlqcWdpalV6NDRUZDcrSDJJL3JtYk91V0szMFF5UkQ2WDRNMGdON1RJVHpQdjducVJDWXpPOWFuRkJCY2VPZEtQc09HdE8wQjlnNkJXWjduY0trN2FXYXNaeWVNZ1ZyYkRYbTMwbWx0eld5TkFLSytxUHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
284425
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame 341E 		751 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
10808d043495ae195a5f7f72e5964f89eaf365181bb6be9e7cd4b45487cc77c6

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:29 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 6CB1 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
ca8dedb472f150371162a892cc590ba1061cf414ab7f9580c42d5077e8e739a8

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:30 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 6CB1 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:31 GMT
cdb
bidder.criteo.com/ Frame 6CB1 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=6Kf_CV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnAzb0dsM1VjOXV4ZkNMVnFlUDM4c2FxYnV2MkZvbmhidUllUWNpYTNjc3FaellTRVpIZDhGJTJCYklSRjh2dVVzdlMwRTAwNXFSN0FIZTlsTTY5UGtrYThnTWVldHNHcDZxZVJPeTJpWU85eSUyRlloT3RGNE9hdTJOaGlhQ2FWYkdXeXclM0QlM0Q&cb=82992900438
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 796B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:31 GMT
server
Kestrel
server-processing-duration-in-ticks
2558257
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
static.criteo.net/images/ Frame 6CB1 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:31 GMT
pixel.gif
static.criteo.net/images/ Frame 6CB1 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:31 GMT
adBanner
www.mediacategory.com/servlet/ Frame D9B6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
d933119d35f2e7a69f9a2776dd7e2d6598d81ac4a6b5630622dc948bacf4487b

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:31 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 6CB1 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 796B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=6Kf_CV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnAzb0dsM1VjOXV4ZkNMVn...
  • https://mug.criteo.com/sid?cpp=HzmTh3xZMDBydFZQMTRBUjFmc2hKb0U0MGFKcFdFRjJ2UGQ3SDI4ZWV4eDU1Nm1DWFRqNWRmYm4xNzNtc0pSWHBseXErNkJ4OW5vWGMwa2hpUHFUTUtrMnkrSU9OZXBJWGVvR1BxRWpYZXcxb0toeHdPWXZlNkQydkorSW...
419 B
642 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HzmTh3xZMDBydFZQMTRBUjFmc2hKb0U0MGFKcFdFRjJ2UGQ3SDI4ZWV4eDU1Nm1DWFRqNWRmYm4xNzNtc0pSWHBseXErNkJ4OW5vWGMwa2hpUHFUTUtrMnkrSU9OZXBJWGVvR1BxRWpYZXcxb0toeHdPWXZlNkQydkorSWlJYkxHNTc4M2sxSkdmSDNjL050UTByY0ovRnVzNzBwWHJvT21PUHBoNEg2eEswTE0wV3hBMUhKNkxBN3dHRENwaGg2blUrSlFRcmNGVS96dFhxd3AxVzhVbkIva2VhZnN0b3hIVWVHcFFlSE1NS0tGT2NKaE1UNXJwcDdEQWRsSWgrbjZxbGZBeVpRaWRRSmtWK2RxSVMrd1hmc2JJUCtUcXUyT1E4NXVEZUZIeVNxNnRoeDd5VlFMTWI1WUZGaXdPanNSRHFEanw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
06cd77cf6bd01e3b78ff63d4d8469c72d3086ee03c6ed0dcdd2203d53540a15b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
865903
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=HzmTh3xZMDBydFZQMTRBUjFmc2hKb0U0MGFKcFdFRjJ2UGQ3SDI4ZWV4eDU1Nm1DWFRqNWRmYm4xNzNtc0pSWHBseXErNkJ4OW5vWGMwa2hpUHFUTUtrMnkrSU9OZXBJWGVvR1BxRWpYZXcxb0toeHdPWXZlNkQydkorSWlJYkxHNTc4M2sxSkdmSDNjL050UTByY0ovRnVzNzBwWHJvT21PUHBoNEg2eEswTE0wV3hBMUhKNkxBN3dHRENwaGg2blUrSlFRcmNGVS96dFhxd3AxVzhVbkIva2VhZnN0b3hIVWVHcFFlSE1NS0tGT2NKaE1UNXJwcDdEQWRsSWgrbjZxbGZBeVpRaWRRSmtWK2RxSVMrd1hmc2JJUCtUcXUyT1E4NXVEZUZIeVNxNnRoeDd5VlFMTWI1WUZGaXdPanNSRHFEanw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
387849
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame 4C5E 		775 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
64d345358a22698a4f8c3c4da5ae026709fa1b9eeae29997212299200d93ccc0

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:30 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 2138 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
53a798c8455dede15e10b58c5324a38ca7ac55f795ddf17e5091dff215108b57

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:31 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 2138 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:32 GMT
cdb
bidder.criteo.com/ Frame 2138 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=upCJlV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmlaelQ0TWI0NXlrNld2c2tuQkRrUHVQd0lSamZFRDFzV2dKUUFiQng1VzI0Rjc0ajBudzlnMVkyMmYxYlRJVFhaRXVmVlhFJTJCWlNRbzhBcDcxR2xWRDN0QTNPV2hYeFpoVHpWVE9vNHZTTUxHR3VkbkFnYndyaUg3M2hVdnRuaU9RJTNEJTNE&cb=66040984299
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame F93E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:32 GMT
server
Kestrel
server-processing-duration-in-ticks
4909581
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adBanner
www.mediacategory.com/servlet/ Frame FB5F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
bcd10623c3661a43532d0628632e69aa0de45c1d94007618b70ffcedfbd997c5

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:32 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 2138 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 2138 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:32 GMT
pixel.gif
static.criteo.net/images/ Frame 2138 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:32 GMT
sid
mug.criteo.com/ Frame F93E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=upCJlV9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmlaelQ0TWI0NXlrNld2c2...
  • https://mug.criteo.com/sid?cpp=ZKgXAXx2Z0hiZW9zM2N5QlB6QWNsZm9Sb2MxZGE2eHJhb2xWcDhtM01UeUx6QTR5TkpTWUtrY2lEdzRpdTNSU0w3K2NlY291anNKV1ZBeS9vQjhNeU9uZkFvdUlNQUtZcUhFZEE5OERPSkpJRTFBRFhNcHp5Q2NweTQxel...
431 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZKgXAXx2Z0hiZW9zM2N5QlB6QWNsZm9Sb2MxZGE2eHJhb2xWcDhtM01UeUx6QTR5TkpTWUtrY2lEdzRpdTNSU0w3K2NlY291anNKV1ZBeS9vQjhNeU9uZkFvdUlNQUtZcUhFZEE5OERPSkpJRTFBRFhNcHp5Q2NweTQxelRiOWtManpXamJxTjNERjRGcm1BVUVxek5Wdy9HeHFkR0M3VFFnZHV3MmlvTnY0NGIvcUFEbHkyRXZNUjVvWU9DdVNxSTdJcHNSTjBoa25sdEdGSWRORDlUVG9ES2hYaVdFaFNFYkoram12bmtIY2h2d1AxT1NSc1BRYWMvUEI0TTMvVktSWjRQZEJwemdWNTNNU0kwS0ZFUkFGekFwWFZUNzR2R3FTQnNDSnNub1RaRDVEMnlPcUlHWTdOeWEvd0o0Qmx5M3prZHw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dea5132d2cc2a09123e0b62295bf61dc72fe922673ea4cb2ae48f37b026922f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
675522
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ZKgXAXx2Z0hiZW9zM2N5QlB6QWNsZm9Sb2MxZGE2eHJhb2xWcDhtM01UeUx6QTR5TkpTWUtrY2lEdzRpdTNSU0w3K2NlY291anNKV1ZBeS9vQjhNeU9uZkFvdUlNQUtZcUhFZEE5OERPSkpJRTFBRFhNcHp5Q2NweTQxelRiOWtManpXamJxTjNERjRGcm1BVUVxek5Wdy9HeHFkR0M3VFFnZHV3MmlvTnY0NGIvcUFEbHkyRXZNUjVvWU9DdVNxSTdJcHNSTjBoa25sdEdGSWRORDlUVG9ES2hYaVdFaFNFYkoram12bmtIY2h2d1AxT1NSc1BRYWMvUEI0TTMvVktSWjRQZEJwemdWNTNNU0kwS0ZFUkFGekFwWFZUNzR2R3FTQnNDSnNub1RaRDVEMnlPcUlHWTdOeWEvd0o0Qmx5M3prZHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
414070
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame E57E 		799 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
87950f69fa70f0a6f65b0de052001a97a79b91a586ca76800c15ba8d87f6dd9d

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:31 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 0720 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
2280cf8ec9c08640f64dd539644f953b8593ae85eee0bfb05ed715c3ec2eb1ae

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:32 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 0720 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:33 GMT
cdb
bidder.criteo.com/ Frame 0720 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=0Yqj-l9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnYlMkYyZWslMkJVWUNXWkExNExteTM3dXVlVGg2ME9taHNTU1NDa3JzdnNCcWgzTnFySzlRclhVb3JsZ09LZEZjWE10UWJWRkwyY1VYVTNDT3lqdEFnOUFXU1JZbFhwNE1YTmx2dTlaMXhBJTJCVVNkMDZSNE15dWt3c3FuTnMySFJiWWVtdyUzRCUzRA&cb=56282161134
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 2F3E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:32 GMT
server
Kestrel
server-processing-duration-in-ticks
762504
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
static.criteo.net/images/ Frame 0720 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:33 GMT
pixel.gif
static.criteo.net/images/ Frame 0720 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:33 GMT
adBanner
www.mediacategory.com/servlet/ Frame C9FA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
3225c5a7113c9dc2bfb23ed7320798af11669c6358851ebb7c232664f7d24f16

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:33 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 0720 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 2F3E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=0Yqj-l9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUnYlMkYyZWslMkJVWUNXWk...
  • https://mug.criteo.com/sid?cpp=Y0YSn3x5MVJFdEVCTTZmZDgvMG1RdU03S0lTRTRsRFNlWXc3SGJxMDFlVFFMYWVIdEhtbUR1WW85eDZTUFNRTEV3TkI2enUwbE1mdkF5U0VNYk12VkxGcEoxa0NOMjhRR2xWbUJjcXUvdEF5S3c1WHBBWGx3QU5lUEF1Q0...
420 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Y0YSn3x5MVJFdEVCTTZmZDgvMG1RdU03S0lTRTRsRFNlWXc3SGJxMDFlVFFMYWVIdEhtbUR1WW85eDZTUFNRTEV3TkI2enUwbE1mdkF5U0VNYk12VkxGcEoxa0NOMjhRR2xWbUJjcXUvdEF5S3c1WHBBWGx3QU5lUEF1Q0dtYUxDN2lpeGpMckpGd0JaWmduYmhPRnRBOFRXY05Nb2xUQk02dHdqek9XaDJWVXRiQUY5K2lWd29kVVltOUUwb3pwaDhwcGFMcU9FR1ZmaHJ2YTNHaUE5Wk44enNKZmh0QUg5eEdqNVpPdlE3cXZ0M21zVjFtM013MGZtZVlJVWZIVk5EV2k1bXQ0YUp5YThSZXltRDVJelZoRzZWbVFxT1htU24rUGhOWjBDaUhqZXJCbTV2K1lncE12cllFWitkN0pOOTVNR3w&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a65136ff54912b18f52d0f994ffa50941b000fba7ec94f7bb36b5397106f8f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
814035
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Y0YSn3x5MVJFdEVCTTZmZDgvMG1RdU03S0lTRTRsRFNlWXc3SGJxMDFlVFFMYWVIdEhtbUR1WW85eDZTUFNRTEV3TkI2enUwbE1mdkF5U0VNYk12VkxGcEoxa0NOMjhRR2xWbUJjcXUvdEF5S3c1WHBBWGx3QU5lUEF1Q0dtYUxDN2lpeGpMckpGd0JaWmduYmhPRnRBOFRXY05Nb2xUQk02dHdqek9XaDJWVXRiQUY5K2lWd29kVVltOUUwb3pwaDhwcGFMcU9FR1ZmaHJ2YTNHaUE5Wk44enNKZmh0QUg5eEdqNVpPdlE3cXZ0M21zVjFtM013MGZtZVlJVWZIVk5EV2k1bXQ0YUp5YThSZXltRDVJelZoRzZWbVFxT1htU24rUGhOWjBDaUhqZXJCbTV2K1lncE12cllFWitkN0pOOTVNR3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
335269
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame 7647 		823 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
96b1b7871da57d1bf776f8f27884ede926aa2dad78c791de4dcc8edf11504d5e

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:32 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 9410 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
5785792862a6d9130be4574cd371d9e8315db16a6a0927d743f66edab3aaca8a

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:33 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 9410 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:34 GMT
cdb
bidder.criteo.com/ Frame 9410 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=rDMtKl9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm9iRDhFZUtLUG1Rd3dYS1ZPZGVJNVVKY25ZSFl6Z0ZCU3R5WHF4Mm0yajdreE9OT0FIRE1jS3V5M3BXcXJqMk5qQlFNeHNGc0lQa0k5dTQwYnBtMUN4RFBXSGkyWE1paGswMEFvTFB0UmdaOHZad3FmbUZYY280ZGllbW1SbzlqZyUzRCUzRA&cb=82707692866
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 19AB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:33 GMT
server
Kestrel
server-processing-duration-in-ticks
871866
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adBanner
www.mediacategory.com/servlet/ Frame D1B8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
9a220ac36cabe135a93f76a1d4f9033a180ee706a215fd01f306a8a7eef9568b

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:34 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 9410 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 9410 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:34 GMT
pixel.gif
static.criteo.net/images/ Frame 9410 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:34 GMT
sid
mug.criteo.com/ Frame 19AB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=rDMtKl9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUm9iRDhFZUtLUG1Rd3dYS1...
  • https://mug.criteo.com/sid?cpp=RTtSt3xSM1FXa2lUcUFUa3dJaWZZaVhzT1FVbEViSWFVVHNKNDFHOW5kVkpBSlFGdU10Ukx3VWFnN2hoMXFUdi8vRVY3NmhSQ2xwSSsxcDl4UFB1VVpiMitkbUJQMUlEWWFoLzdRbnhDdDU3OFR6RkppTmxGM0c2WGw0TT...
436 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RTtSt3xSM1FXa2lUcUFUa3dJaWZZaVhzT1FVbEViSWFVVHNKNDFHOW5kVkpBSlFGdU10Ukx3VWFnN2hoMXFUdi8vRVY3NmhSQ2xwSSsxcDl4UFB1VVpiMitkbUJQMUlEWWFoLzdRbnhDdDU3OFR6RkppTmxGM0c2WGw0TTY4Z0c1T2w1UCthdS9jK3VJakNyZGZGUm52Qlh3VGZDWmRvNkNBaEsrMDVjUTBTNUFvTFNSMHpEUzFUU0QxRm1HNEg2Q3lLWUp3bGFyQXY4c2RNMkpYWXFIN3lVemtDNm9iK0VlcGduYW0vTHpYdHUyeGZNbU9Jekxpa2Y3QWpiTWVkMFUwTVFlazlRSlR1S2duNFFiWG13VUNEUWhMOGQ5NEJxLzR2bHJwSnQ2VE5idUN6NC9aTVEwVjVybDZpNTBoMUpCcHpkQnw&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c7bdb57e5d54c01f4b9486c4b208131eac2c22406d8bfac4253cd849e3976bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
822583
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=RTtSt3xSM1FXa2lUcUFUa3dJaWZZaVhzT1FVbEViSWFVVHNKNDFHOW5kVkpBSlFGdU10Ukx3VWFnN2hoMXFUdi8vRVY3NmhSQ2xwSSsxcDl4UFB1VVpiMitkbUJQMUlEWWFoLzdRbnhDdDU3OFR6RkppTmxGM0c2WGw0TTY4Z0c1T2w1UCthdS9jK3VJakNyZGZGUm52Qlh3VGZDWmRvNkNBaEsrMDVjUTBTNUFvTFNSMHpEUzFUU0QxRm1HNEg2Q3lLWUp3bGFyQXY4c2RNMkpYWXFIN3lVemtDNm9iK0VlcGduYW0vTHpYdHUyeGZNbU9Jekxpa2Y3QWpiTWVkMFUwTVFlazlRSlR1S2duNFFiWG13VUNEUWhMOGQ5NEJxLzR2bHJwSnQ2VE5idUN6NC9aTVEwVjVybDZpNTBoMUpCcHpkQnw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
305134
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame 32B4 		847 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
36e0ee6d4e99a65ec851a0b8144e4b1fe7672a80dc09a4b82e578965d4831491

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:33 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame 9DD1 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
d7e2815804eb27b8bd43ffb748243a6a570efb54e198e6bdde93d9fa8a7d633c

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:34 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame 9DD1 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 11:12:35 GMT
cdb
bidder.criteo.com/ Frame 9DD1 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=206&bundle=hCLuSF9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmtReWk5UEprdzhJQlRKRiUyRm9vUmliJTJGOFNzdGtVdUhqRXdMJTJCaGpERjZpYjhsZUg4WjFpRUZ1cDJJNm5NeUsyU21IM1hkMUZQVU9raGgyMXlnSGZHNlZDcmtQRTM2N25PakVicTRVbTRXTzc5QmdGVzJoMFhGalVwY0RMTTRRVzBSdyUzRCUzRA&cb=84000603012
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 78B1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.heraldcorp.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 11:12:35 GMT
server
Kestrel
server-processing-duration-in-ticks
1100915
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
static.criteo.net/images/ Frame 9DD1 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:35 GMT
pixel.gif
static.criteo.net/images/ Frame 9DD1 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:12:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 11:12:35 GMT
adBanner
www.mediacategory.com/servlet/ Frame 48F8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
b0db68555f71955e6a1c06afac55fb541362b4cf5b85b64e3c2bee89fe571b80

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:34 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
events
bidder.criteo.com/csm/ Frame 9DD1 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%25252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Wed, 01 Nov 2023 11:12:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 78B1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.mediacategory.com&sn=ChromeSyncframe&so=2&topUrl=news.heraldcorp.com&bundle=hCLuSF9TbnFSMUFzN2RHJTJCcmVXcGdDQlhCUmtReWk5UEprdzhJQlRKRi...
  • https://mug.criteo.com/sid?cpp=qEuxI3wzc2x1Z1N3S1h2aFdadVYyNjJvRll6MHkvVXZzazlrZ0lQVnVqRnZCaHVqbkF1bDdTZ2tFZFR3NVdJNFdaenRzWDhGcjJQU2tNc2l6dlQ1SE1MY2ZYUVVpMWJCUVdqTEVBSmQvT01UcmpvYzlaaUdzK0dDWDdtOU...
439 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qEuxI3wzc2x1Z1N3S1h2aFdadVYyNjJvRll6MHkvVXZzazlrZ0lQVnVqRnZCaHVqbkF1bDdTZ2tFZFR3NVdJNFdaenRzWDhGcjJQU2tNc2l6dlQ1SE1MY2ZYUVVpMWJCUVdqTEVBSmQvT01UcmpvYzlaaUdzK0dDWDdtOUhySURaaUcySXNWWEZuS3JINncvWFJ6a2FDaHREUktNajR1RzFjYnkzUWxiVWw2NFpNcGJmOStWWTJiL25BT2lsS1NrMk1vWXNEOW1MbWQ1dWlmZElLWm5uUmlXck1PSnA5Uzlrckdkd2h5ZEVZT2s0Mms5d3JrRnE4QWlMakYrdHNsRzE5WDRFdkd1REJ0TkJJYVgvdzBPdHNWOXBhb1JHazh0S011bm9rSUVoNjZuTDMrRTg2N2hseEFEOWtndm9ROTJlUlhPT3w&cppv=2
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
95c13baee52a6f9031d420afff03e41a79d402e1af0afc5916b0d946eec49203
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
945552
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 11:12:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qEuxI3wzc2x1Z1N3S1h2aFdadVYyNjJvRll6MHkvVXZzazlrZ0lQVnVqRnZCaHVqbkF1bDdTZ2tFZFR3NVdJNFdaenRzWDhGcjJQU2tNc2l6dlQ1SE1MY2ZYUVVpMWJCUVdqTEVBSmQvT01UcmpvYzlaaUdzK0dDWDdtOUhySURaaUcySXNWWEZuS3JINncvWFJ6a2FDaHREUktNajR1RzFjYnkzUWxiVWw2NFpNcGJmOStWWTJiL25BT2lsS1NrMk1vWXNEOW1MbWQ1dWlmZElLWm5uUmlXck1PSnA5Uzlrckdkd2h5ZEVZT2s0Mms5d3JrRnE4QWlMakYrdHNsRzE5WDRFdkd1REJ0TkJJYVgvdzBPdHNWOXBhb1JHazh0S011bm9rSUVoNjZuTDMrRTg2N2hseEFEOWtndm9ROTJlUlhPT3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268934
content-length
0
expires
0
ad
dsp.mobwithad.com/v1/ Frame 7377 		871 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.142 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
546b06935e6b2961c92f41c393e11f027030ae0a1a3f95a77cd507a9c74d359a

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?location=http%2525252525252525252525252525252525252525252525252525252525253A%25252525252525252525252525252525252525252525252525252525252F%25252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%25252525252525252525252525252525252525252525252525252525252Fview.php%2525252525252525252525252525252525252525252525252525252525253Fud%2525252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=criteono
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 11:12:34 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adBanner
www.mediacategory.com/servlet/ Frame D0A7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?location=http%252525252525252525252525252525252525252525252525252525252525253A%2525252525252525252525252525252525252525252525252525252525252F%2525252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%2525252525252525252525252525252525252525252525252525252525252Fview.php%252525252525252525252525252525252525252525252525252525252525253Fud%252525252525252525252525252525252525252525252525252525252525253D20230803000456&s=837695&iwh=160_600&igb=69&cntad=1&cntsr=1&sslRedirect=Y&passback=mwjugon1no
Requested by
Host: dsp.mobwithad.com
URL: https://dsp.mobwithad.com/v1/ad?zone=9139&count=1&output=html&auid=d653192a48ff34904e6bc61218b8a950b9b-3411&pb=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Flocation%3Dhttp%25252525252525252525252525252525252525252525252525252525252525253A%252525252525252525252525252525252525252525252525252525252525252F%252525252525252525252525252525252525252525252525252525252525252Fnews.heraldcorp.com%252525252525252525252525252525252525252525252525252525252525252Fview.php%25252525252525252525252525252525252525252525252525252525252525253Fud%25252525252525252525252525252525252525252525252525252525252525253D20230803000456%26s%3D837695%26iwh%3D160_600%26igb%3D69%26cntad%3D1%26cntsr%3D1%26sslRedirect%3DY%26passback%3Dmwjugon1no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://dsp.mobwithad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 01 Nov 2023 11:12:35 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
publishertag.js
static.criteo.net/js/ld/ Frame D0A7 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.js

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| $ function| jQuery function| Swiper function| ModeDisp function| AdMediaJsonDisp function| gtag object| dataLayer boolean| isLoading2 function| jst_newsticker function| jst_font_up function| jst_font_down function| strPlus10Minute function| goURL function| openURL function| imgExtError object| _fbq function| openNav function| closeNav object| jQuery111107691498385336244 function| adcin_08qU function| adcin_08qV object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _pop object| _popIn5_config object| PopIn object| webpackJsonp object| __core-js_shared__ object| core boolean| loadId5Test function| Treasure2 object| JSON3 function| _typeof function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator function| HawkEyes object| Mobon function| checkLanding function| mobileCheck function| getMobCookie function| setMobCookie function| loadAuidCall function| storageCookieSet function| isUnavailableAuId function| removeFirstCookie function| uniIdCall function| uniIdMergeApiCall function| detectRobotCheck function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| jst_sns_share undefined| jQuery111107691498385336244_1698837133496 function| adcin_08qW function| adcin_08qX function| adcin_08qY function| adcin_08qZ function| dable function| mnc_ad_rt61 function| mnc_ad_rt62 function| mnc_ad_rt63 function| mnc_ad_rt64 function| mnc_ad_rt65 function| mnc_ad_rt66 function| adcin_08qa function| adcin_08qb function| adcin_08qc function| adcin_08qd function| mnc_ad_rt51 function| mnc_ad_rt52 function| mnc_ad_rt53 function| mnc_ad_rt54 function| mnc_ad_rt55 function| realckick_footer function| load_rc_ad2 function| LeftSliderAd1 function| KeywordTagAd object| wcs string| wcs_SerName object| wcs_add function| wcs_do string| index string| _GCD string| _AceTitle string| _aid string| _aname string| _atype string| _pd string| _GUL string| _GPT string| _SGPT object| _AIMG string| _bn string| _PR string| _UD string| _UN function| _IDV undefined| _R string| _JV function| _IX function| _GV function| _XV function| _NOB function| _NIM function| _IL function| _ILF function| _VF function| _LST function| _CST function| _UL function| _AA function| _AGC function| _ASC function| SetUID string| _FCV object| _AIO object| _AIU object| _AIW object| _AIX object| _AIB object| __hdki_xit string| _gX string| _gF string| _gU string| _gE string| _gW string| _gO string| _gB string| LOG_GUL string| _d number| _sv number| _tz string| _ja string| _je string| _bR number| _amt string| _pk string| _ct string| _ll number| _ag string| _id string| _mr string| _gd string| _jn string| _jid string| _skey string| _ud1 string| _ud2 string| _ud3 string| _aceRef string| kisa string| _prl boolean| _frm function| _PT_f function| _WO function| ACEF_Tracking function| _RPS function| _PT function| _EL function| _NA function| _ER function| _PL object| _trl undefined| _rf_idx undefined| _rf_t undefined| ii object| Asp_Link_ssn function| ACEF_Click function| LA_Click string| _DC string| _bz string| _cu number| _cd string| _xrl string| _ak string| _rl number| _bv string| _av string| _xrg string| _arg string| _fwd number| _end string| _rf string| _vs string| _os string| _UA string| _ua string| _ul number| _sc boolean| _bN boolean| _bI boolean| _bO string| _pf object| _ro number| _st string| _str object| _if string| _cmp string| _pf_s string| _YNXGOODS_TYPE_ string| _YNXGOODS_ID_ string| _YNXGOODS_TITLE_ string| IP_ string| CookieValue number| cValue string| cName string| cookieData number| start number| cDay object| expire number| ymdhis undefined| end string| resolution string| url string| img_src object| ImgLogger string| cookies object| foin_cookie_setting function| moveSlide function| moveUp function| moveDown number| e2 undefined| jQuery111107691498385336244_1698837133498 function| passAuidToCallBackFn function| retrieveMobonAuidAndIpInfo function| retrieveMobonAuidAndUniId string| strTarget function| goLink_0CsR function| reopleAttr_0CsR object| reoBackSet_0CsR object| defaults object| options object| productTypeValues object| platformTypeValues function| enlipleMBSHandler object| foin_where_ref object| foin_domainCutInfo object| foin_Base64 string| l_protocol object| l3_date string| Title string| Summary string| Lang object| keywordInfo string| refVal boolean| useRef object| old_refVal string| l_userAgent number| l_isChrome number| l_ver number| l_end object| l_date string| l_url object| l_Body object| l_divObj object| l_style string| key object| l_scrObj object| foin_cookie object| foinCookie function| TreasureJSONPCallback0 function| TreasureJSONPCallback1 boolean| popInPositionAndStyle

40 Cookies

Domain/Path Name / Value
.heraldcorp.com/ Name: _gid
Value: GA1.2.667198495.1698837134
.heraldcorp.com/ Name: _gat_gtag_UA_81791503_8
Value: 1
.heraldcorp.com/ Name: _ga_P350PZECWH
Value: GS1.1.1698837133.1.0.1698837133.0.0.0
.heraldcorp.com/ Name: _ga
Value: GA1.1.1745743290.1698837134
.heraldcorp.com/ Name: _ss_pp_id
Value: fc2cb3482c4162e0e331698833534665
.heraldcorp.com/ Name: _td
Value: 3f21d0a7-2304-430f-9fde-8c9a4269c079
.doubleclick.net/ Name: IDE
Value: AHWqTUnerbkjxtv9ihM5kcIvisLKmyzObBgzwLKZ5NxRswBxOazDQVoYEhbo9hOBVqU
news.heraldcorp.com/ Name: wcs_bt
Value: 207a57b144e35c:1698837137
news.heraldcorp.com/ Name: ACEFCID
Value: UID-654232924BE5751E50FF905F
news.heraldcorp.com/ Name: _ynx150
Value: 1698837138
.mediacategory.com/ Name: Start_Time
Value: "2023110120"
.mediacategory.com/ Name: s_IP_info
Value: "81.95.5.35.18209718"
ad.adinc.kr/ Name: HEAD
Value: 021050TuM7VAQ
.mediacategory.com/ Name: s_au_id
Value: "d653192a48ff34904e6bc61218b8a950b9b-3411"
.criteo.com/ Name: uid
Value: 37280e1b-583e-4305-87e9-98465f1333e4
media.adpnut.com/ Name: FOIN_REF1
Value: http://news.heraldcorp.com/
media.adpnut.com/ Name: HEAD
Value: 021050TuM7W2I
acelogger.heraldcorp.com/ Name: Gsurl
Value: news.heraldcorp.com/view.php%3Fud%3D20230803000456
acelogger.heraldcorp.com/ Name: Gsbref
Value: bookmark
acelogger.heraldcorp.com/ Name: GsTDMY_5
Value: 010100000000|TM_1^TV_2330420^DY_1^DV_23304^WY_1^WV_2344^MH_1^MV_2310^YR_1^YV_123^PD_23304@
acelogger.heraldcorp.com/ Name: GsTDMYT_1
Value: TM_1^TV_2330420^DY_1^DV_23304^WY_1^WV_2344^MH_1^MV_2310^YR_1^YV_123^PD_23304
acelogger.heraldcorp.com/ Name: GsTDMYP_2
Value: TM_1^TV_2330420^DY_1^DV_23304^WY_1^WV_2344^MH_1^MV_2310^YR_1^YV_123^PD_23304
acelogger.heraldcorp.com/ Name: GsTS_5
Value: 010100000000_TS|1698837141337225757^RS|1698837141337225757^IS|0^@
acelogger.heraldcorp.com/ Name: GsTST_1
Value: TS|1698837141337225757^RS|1698837141337225757^IS|0^
acelogger.heraldcorp.com/ Name: GsTSP_2
Value: TS|1698837141337225757^RS|1698837141337225757^IS|0^
acelogger.heraldcorp.com/ Name: GsCK_AC
Value: 1698837141350625756
.adex.ednplus.com/ Name: rawyyBcFS3k
Value: lWcslkZsNHUn1TLmQzZtRXLyRFub2AtN2AnPSHiZ1Fv0GIYcWHhPZxu6GMab2ytaQV_tG4daWWkaZN0pV9OYGSudYB1hG5dYCHvZ199uWMZcWXla
ad.adinc.kr/ Name: FOIN_REF1
Value: http://news.heraldcorp.com/
.adex.ednplus.com/ Name: yyBcFS3k
Value: []
.popin.cc/ Name: uid
Value: fc2cb3482c4162e0e331698833534665
engine.tend-table.com/ Name: HEAD
Value: 010050TuM7WTV
engine.tend-table.com/ Name: FOIN_CATEGORY1
Value:
ad.adinc.kr/ Name: CAMPAIGN
Value: 03iP0LNn20231130B1KCN02200000000
ad.adinc.kr/ Name: FOIN_CATEGORY1
Value:
.wcs.naver.com/ Name: NWB
Value: 5b5519558f87d456faeefa61c887ab36.1698837144981
media.adpnut.com/ Name: FOIN_CATEGORY1
Value:
.adpnut.com/ Name: ADS0
Value: zO[B.A]b7[B.A]zb[B.A]3g[B.A]
.adpnut.com/ Name: PCID
Value: 57235aac4140453ea88c61e04636dbbf-1698837147
.adpnut.com/ Name: TIME
Value: 1698837147
.adpnut.com/ Name: DAY
Value: 305

3 Console Messages

Source Level URL
Text
other warning URL: https://d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: http://news.heraldcorp.com/view.php?ud=20230803000456(Line 1326)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://res.heraldm.com/js/acecounter_V2022.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://news.heraldcorp.com/view.php?ud=20230803000456(Line 1326)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://res.heraldm.com/js/acecounter_V2022.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acelogger.heraldcorp.com
ad.adinc.kr
ad.reople.co.kr
adex.ednplus.com
ads.eu.criteo.com
ads.mncmedia.co.kr
adw.heraldm.com
api.popin.cc
b54ab24525f2d5e3cb264e24bad811c9.safeframe.googlesyndication.com
b9ba91e996601e2110110b2194261de1.safeframe.googlesyndication.com
bidder.criteo.com
cat.nl3.eu.criteo.com
cc9c13dc7c21d7204d7470539cc4a9f4.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.megadata.co.kr
cdn1.ad4989.co.kr
cdn10.ad4989.co.kr
cdn11.ad4989.co.kr
cdn13.ad4989.co.kr
cdn14.ad4989.co.kr
cdn2.ad4989.co.kr
cdn3.ad4989.co.kr
cdn7.ad4989.co.kr
cdn8.ad4989.co.kr
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
d91bd5331711d482568aa38e3f34f1ac.safeframe.googlesyndication.com
dsp.mobwithad.com
dspserver.adpnut.com
engine.tend-table.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hlogger.heraldcorp.com
imageaws.popin.cc
imageproxy.eu.criteo.net
img.adpnut.com
img.mobon.net
in.treasuredata.com
inrecsys.popin.cc
js.ad4989.co.kr
kr.popin.cc
l.newslab.co.kr
log.popin.cc
media.adpnut.com
mncimg.jpg2.kr
mug.criteo.com
news.heraldcorp.com
pagead2.googlesyndication.com
r.popin.cc
region1.google-analytics.com
res.heraldm.com
rlog.popin.cc
rtb.nl3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
wcs.naver.com
wcs.naver.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.mediacategory.com
static.criteo.net
1.224.180.63
1.237.47.65
101.235.211.26
110.93.135.40
110.93.143.86
114.108.158.198
114.31.34.229
119.205.238.29
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.174
119.63.198.180
119.63.198.188
125.141.213.35
139.150.249.152
14.129.167.86
178.250.1.6
182.173.183.2
182.173.183.74
2001:4860:4802:34::36
210.89.167.46
211.110.12.12
211.110.63.237
211.226.25.220
211.62.59.142
220.117.190.132
220.117.190.150
221.165.139.2
23.212.205.62
27.102.220.22
27.102.220.23
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2001
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::649
3.36.37.118
39.127.249.22
43.201.209.159
43.202.160.93
52.4.243.180
58.151.94.210
58.225.75.78
0071dd9e2fed89ed36b3e3a064bfcc613047e812f48019df77b7dc0d5ccf56f6
03c6797742c7bcc3a2a737503f94691f8a814916db9f572943a050408b6fe754
06cd77cf6bd01e3b78ff63d4d8469c72d3086ee03c6ed0dcdd2203d53540a15b
06d705974a55e8d203845287453d7e62fec1d49e6948943717c9e83b63def377
0709bb6d037d4c1d612586091719a490cb807b9091c23050df2d7280a936897b
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0883e5766ffaa01ebc58dc8f8c0523c734d0beebf31080785b0538befa3a9627
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aeef47c2d5f49942d70cb7e1212de296335ad3bd720d4853b97048963bc8674
0b8efbe29a1accd1c9f284948a89c98ef31411597bab1f6fe4f9d19dbc4e76e3
0cabc1e0ca89c6cdae29db406b0fc85888025b08d0f8d8d45d2ee04d034222c8
0ce8bd18ed798bdf9488ed0610cedeccdd6611851c71c9b12bc88bb2ce388488
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2
0dce97325752ec5dbd71d7cb5f0d0a35fecf9d62829e2abe964ebf218a32c4e4
0f2d34af7d66d69e53220ba4484dfad5010298364c02f9971334cac901b5d605
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
10808d043495ae195a5f7f72e5964f89eaf365181bb6be9e7cd4b45487cc77c6
120593a6fc32eeebee6b7ba5c6c4a6cb2e0a0e38c9827ee8ba92521ee2344680
1298217caeacd96042b0e6c68dd8732b67acdd015b29cb224d5feb4822a1c413
13d59d707798611dea2b93c857117d34dc24e4a0ee65f74ccd55ad510f116e81
13db015e79b51c28d05bb150c746e08dfbd6590c24f9769609d51925e88e6812
145e857fe86409dd6cdb0881658247c54e3ad1f593c1e882157a034e518ab6b2
148631c37d59e20c9abe8a8649bb2bd24445b35bfd7fd8d6715b4b838359c8a1
14a8d4fa0948c2e56d3fabfe732121666852888f22fffabb71aed32d5c165c33
14b5308704b32d7851bdbfef07d3b75865345daed0c0baa9b050d2e2b0f0cd28
15a3d60d410dca6cfc5bf2664f9107081d34bbaaf0e4e0d147ee561578009f4e
172e4e1fca052a61b5d95ba3b321c1f748fbd0aa08ec5914391abef89ee9f3cd
18b4f3ca5140ce0a302716fede6333d240dbab284cfea96b2321be58f202b63c
18e27e94e153c92c616cd76dd68cf060fe052aa24a20a1302082775cf54f5fb8
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1b448edc0cdf3573cc0a8c5e2f56f7d3df9b3c7c84f0f6091aa9b13ae0279c1a
1c19e4a0bafb314d29b5476582b39f9c48f7329f6d7ee7a7528e02e3f1c76bb2
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e
1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904
1ecc69f757f53d0d49e14758d786e73d8585f88d1ae4ce8dab61df1d7a5533c6
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
1f2df6a1a501a0922a976d878630ff43bc46ed73b4b3355d548390a16f58dbf5
21e75c717172aeaf8c8547d6d240a4726941f97054c64c8fd3557ad9d08de49c
2280cf8ec9c08640f64dd539644f953b8593ae85eee0bfb05ed715c3ec2eb1ae
235930661c8b2c5e4266b42c5513d1ec3c89a95dc724dcc667596c136f11402f
23ce65cb8d9a3f11db99a969080a626e8374054d3fb533ed6c5e8f2f234d8872
242cbf2808041d5b0344f9d3f9bf4378959bf0001ccaa2ea071d9dc1603927e5
252c1b07eceb9a25713aefcc3ae1524479d773298727f6dadfc076ae77159b16
25af2d11b23dce7713b28880ca53672f22dece637fef3c918186d7f0d7eeb212
27702dba82e9ac8c815d6ff0e6bdc6506532b9036c99f5cbcb0c63b9f26c95d0
28111c7575694f5e2a43dcb834714358e67fe91c05572c6f28b64ce176042561
29eb124df9cce55298d42e86a0fcb204a97a2cd2cf5af35b8e5dc20213194ff4
29f390053f1aab9b5a7b83d7294c9e1b43e2eacc7869bcd801a190a04b736eff
2d7ec3607ff3cc7c7b43fd82c849c7caabc1e49a814514066e5975bb5574f285
2d9d5fd8c6a3b2aa95e0ebf078876765de3289ed163cdccb85a2b556ae28f5dc
2dea0299a858d3b0dd203bac40c266a24145044425ea6d45cbf6a18d9f402b7d
2dea4f55471791503b4d0677d404bf722e2e71b6156a901bc09e02248df659f6
2e868da2b3e69e48ae9e363a2b433bf66a9425eb81064e3c30379a594ed7dc5d
2fb62d05e44f9ec3b13e953ad5d4c3527585ecea07022cb9afdeec756930fccf
2fe873ef1707592af913eae14f62bace9876235ee7241b37755e5a49761489cb
309c1650bdcb84145f7e6eea1384ae9907df6fc9aab95bfe5035a06691f09dcf
30b32b2eca890c9857966e9759ec185c1fa8c030e0497f30b28232579d164b57
311b37b61b45c3442ca1cd270367ac06330e8a05d850486a21d3bdf84a8d22ee
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3225c5a7113c9dc2bfb23ed7320798af11669c6358851ebb7c232664f7d24f16
335acf998d169ea78ac648080598f173f1db2e5fd82290e0cd083e1cc21f2780
336119c566bd688102807661782c7af17372f777ff822108d6a97782c75b90b2
36e0ee6d4e99a65ec851a0b8144e4b1fe7672a80dc09a4b82e578965d4831491
37a35f1a7856fb3be2deca854a5b07c7f9aec37d9552647c65767be3072b92f5
3836d4f3a5dfd118a210c21e53d220afcda1efd527da21cb8c063c1cab7276f6
3843916525b5b6f769012a333e373c24b26b7c74277139590d0694b9338db772
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1
3a33bc89eb14e97c5f8d7b191bdece5fb0741471a1aec6fcd44e118100f5dc51
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3c5a0c1080bf72ad6e10346aa664db9334fb73fc7a90063a37db6ef4ae217397
3e304d1e70ca6d8b0ddef0f8876e30071b1ce10090ec46c421c0a6bd8a9f26ef
3eb8bbfa9883e21da5e5128fa1d9965d27053bd8cb9e22529885be8b3ecfb609
3ff2dd2a4a612a1f2b87d7c75edf5b1fe2523fdf3af0b3b311c8f0652f375d5c
4023c192a75862ff2207255512ac50eca7ee85ed34ce54e9adb8397245ce0794
411fbe88509a131734ca0753be1d068aa1de7d9912f70eca1aa14e74fa29ca2a
4217863ab2792bd09af3edc61873e4c2f4cf41343b9a7e02b4ee811092982352
4402ab5e282d1b8bfe2167e243edf3310688af11ad31938011823e4ae955f3e2
44e4c9d4adb96d543aa00b22b4e8d104082062254915f22dba2ff75f2097f938
450c459a78f98230f52cf564a2e748740d9e592937662a9dd6bfc4b18406caf4
450c4d6442e91edb58728ea9818de8a22feb9b4fe32b9c7606420d444fd3e4f7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f27d875a65b1882636a0737e717cdda578add27daaf281c06d9139fff2b2056
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
510a2db0bbb9effa3b2f00a2adb1b782c9b64775352faf4b64a7fd1ce1eb026c
512cc3026ff6135240d851259a24d545aff12fed406197dc6f549845e086e161
51aad8a59fa7ec7826625e5775d1cd9192eb362a9b6ecde4918c8f8cf5bb6144
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55
53a798c8455dede15e10b58c5324a38ca7ac55f795ddf17e5091dff215108b57
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54285e09b8e36e021df8790287c4234941f36a994e21a49ba7fcd6cd10d8ca90
54382779578cadd369198f376339fedcdc06c6534f00e88d402ee299bb486e72
546b06935e6b2961c92f41c393e11f027030ae0a1a3f95a77cd507a9c74d359a
554e7f0d3808e1ce3adc7f95944e443e64d35b35c4621c3f5efdfa0eda50d864
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562956aa7fef02724ab63cb7fc3dc1efac0cf8f48596137590fd89d367fa82fb
564d9e49b27b1120b5d93268af28638604f37eca11f0d1cf9211777919d38fbc
5785792862a6d9130be4574cd371d9e8315db16a6a0927d743f66edab3aaca8a
579fbaf998be766e286fa419db953110096619c6f2aab3585931b35ac1d8d543
57b88d9e98b94d83948c81824faabe0d6936fd0af24ae04cd895d4f2630dfada
59b22156ec79a264173a27c008e3bfa7c5e3762b21fc5922e2f54c256686feec
5a96348f6c51c72019576802f825660a2febb4b1dfa25610631afa218aa1fd7a
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5ccbf5fcf9846451abf076ab897c6a6878c1d7b967458849bf0762390beae2a9
5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576
609a925590f3e4ed4a4b72ecee5fd71534ae2a3fb712a7cf88eae809b1bee131
60d58ffbf8b94c22edb21593cc457f9e798e6c27c9e9f510704b99b146f340d5
60e83f1b7c3f4fb61a807c87f1dfb71dbe9a667c348897c1417a801e03f76209
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620898b565df6e9a982ed80b0af7bc398df79fbd998cd41e0445dd489298fe81
64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7
64af25e95b887300c56cdec9b73b7db3ed010c394fe596c4a53cdf980e9b33d7
64d345358a22698a4f8c3c4da5ae026709fa1b9eeae29997212299200d93ccc0
64f8b8509abe7b83b0844368c9f7f1c9949f619c954bfa60edd36f482dfa9c4f
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
68b2ac7707eedb9ae88401d90b213ef8476028e6571f553ee267446b30c089fe
69610061606ef4c6a3d43002ecfc4ab5d6505b76c17872501277ea4aafb9d0e1
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
6a12290318101668afbfb470e1150ee6b47bedd2da25c7b2c078c7ec6752fc8d
6b166cca7a09fec1c6acd8036357bbc0de385df954f06120e7135bb0d6108baf
6b3cbe189743a8e5fc4bb15ef45a2f7ea9a1bfce44473a3470bf68cc4e95517e
6b479ba5c5c1f44188ee5569cfdb4283e14168c88b8ae280d074732cfefef5d2
6b7caecbdad1f733bf470045806750b5784c5531626abdd345a17da66cf1defe
6b8007125b42fe705375e8f1939e8ded49e7751bd82f7a6fa0aed0390c4f4ff0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9ed68d54aae79f367ddfeb52829defacf377eab66f6bfe3129206a9d74af59
6cd81aa7b1e816ffff309398e2d060ecd08214f1bb9bb2a4c489ffed0b812466
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68
6d0506e1c39f461bbc78a60be55f440be9a36cc4d9d1c458aeaf797c00df8932
6d18620d7ea7a9a9ccf8d9745172aa08c63ff745f14f414b7d52ddf807f50ba0
6dbd5c0a9a49bc41af2653bb36183555cf9c84c08a9cf59519bccd065e4e55ab
6dcceeaef3796ce9af96dc3ed98de928232ff01342c9f03fce4185dc6555d671
6de82aa12d52e0970b0c0ffb7de65f8dc018844ad16de368dbf9a79bcb959a27
6e48a2214bba7341743419b9bda526f1a4214f2f63a9c330d78a7eb43378d2e2
6fa53de8f2ffa90efcf1897cd7a7765a3b5d566a8210853a19b051c661f5e3b9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
735c1487dd2d6798ac4bd8220a4df616d2745a80c981398783f195e9f5c5e269
73c9ead27bdd805aadf3fc1aff5c7272c11a63a069f732e2757d0f20ced57867
74c7a7abb58147a2cd81d5a75a71f651a87a74ebde39c69ee61173fc7fc487e8
75408ada0a7482fb508e3b272017828e9c177db49e261a851491a4cc6e2dbb51
7578c2d27c3b487ed902eeb5a60ae96005188e4f8f75c48ae4a0b25d90a60a59
770d47e36d8bfa9f09df470b64b4beaa2c0b63eb9a6e08bdff77b93325c6f6eb
786a5e1f2a1beb765ded483ba651c9b6e4b01b1537473e11eff5bd84c4ce3a29
795dc6195e36c718bf4a8fe0794bb7126fc54468649fb7f2a90f45b25df23989
7a0bed1ecf74431504572bb7468329103b834764a7ea7545d5dd4593b81cdce4
7ad03534894a5a798d689cce910ad729d7b0f3f795b01769d0a3d44989a02fe5
7bcf26cdc56a35a516a936eb7c5ca47af7c879fb0ed7f205b725a2e2b0d703a0
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
7f013186b802f7894e0c955cb94aea361c8054e738b7ebab65800c085a0b4a9f
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d523dac7e9663486d01e2fd0bd9f939b265b70b18337ef72ac3f3fc8b710f8
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
8580eeae11fe774dd619100bd0b3685506eed9623a2d9385c811bf3889947903
87950f69fa70f0a6f65b0de052001a97a79b91a586ca76800c15ba8d87f6dd9d
895005886988e7a24372f928fede19a1a854b5f4f1b08f32cba8060250652e7f
8a2ff2fc21835519556bcf2b3a9cca9361ba3f1e342a9b825ae59bf35759e591
8afac2f59a6fae2fdc598b65283b254c5dc5346663ed97f5fe889bd5727b746b
8b10e9954ecb4e5b3124a1256d19fff234766754d9a3dabbec15a2f218f80545
8ba5e74d3fceb284b15122dc3dae53b2e7b206fac5fdbe6ca14c688033f606c7
8c3b6655d3c388cda738283ae715aaa543f7ce818c3c56c1a38f0fae79e89584
8cf5b748cf9a426a20a0378ae4f424f5861a755d939f390bc5f68040a42dd517
8d590850e29fedb11970625b30058589bc29d4b2ce79b3e1fb30de509e07f533
8dc324b0ff0fb1efbe1562c28128cf04a044aba41256529dedc3b2976b46c3c0
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
906af9ac8c0a4d5c8598df60352e933fb2442ff3fae05e4c03b99c7cf0d1d765
91be2d5c256883932facae8c617d4f531a987842876ba4e0fb38ce3fe10eea7b
95a38889a64ef17a0178c4a96fceeea4c7aebd98c49e7e79bbe5859b0668bb55
95bf6ea151eea56fda0958ef6fb9baab6e3d208dd983b9ed931d8e585dc9bcba
95c13baee52a6f9031d420afff03e41a79d402e1af0afc5916b0d946eec49203
95dd4923b11cbc294221a287e1c5d443debc58a2ba6a07d077eb34efd4edf521
96b1b7871da57d1bf776f8f27884ede926aa2dad78c791de4dcc8edf11504d5e
988227fc94681ea077597aa22047ecc2e218faa2c66c61bb02b562e5f129f97f
989fe861c731c208e4a289847fd015a075381a6c2c4eb3ed899f9a0d22d67392
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a220ac36cabe135a93f76a1d4f9033a180ee706a215fd01f306a8a7eef9568b
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ca0ad52786843526347f194bcc8be3952d42800699904fb56faabf94a7ea1f4
9d2ffb9088e8b235bfa46cefc5f6ad53551bbdfa34c94c4304e82531f18c09ff
9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85
9fc581d25f1e0426d0a98497080fc16a9f9a7439015698cd7203abe3aaae9bbd
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1fc1c5315f60ab9637f05f02ecee94a35373eeb0fd9b1f100a43f3d4c47c391
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3b5aba5d109b63abcbf0e80e01d9da6627505beb2f7b172f294ed4fc392fbc9
a3c17f4b4caa3ba4dacd5531ba39192ed3ca7eff3faca62ddd24c9cc103eaead
a44f20ddc0e594e0197b44c83e1ec83607640b8c5cee76e44fc57678c3afaa4b
a4ccd5beba4378bf7303a525eb4d38d70025bf997c4abcb0b20768bfa7393cb4
a501173f7a230581bab4ae0759806b9e40976e049d07522f3fe6d832d3194e07
a52cdad17a783fde261b1ab1cb4bbb5585f5ec0953526e394b58995664bab2b6
a54f8397777a9c65324f03c8daeeaaf91752b93e881682fc14995b6879524768
a5ee51f8753ef44b2fcf5030f6c8d230d42e90e7625ee9edb87d715fc8e31a52
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
a65136ff54912b18f52d0f994ffa50941b000fba7ec94f7bb36b5397106f8f50
a6727220eb461ba931615e3fe229bd7302899dae8b4884ce466b5f1a1cfb38e5
a68ba82216f79ac8e786cf125e92fc25fd7457b6949271afce698badefbc9f11
a69814422f09965b432159047a2410f304c3321755c9d91f5bc69cccbd5db325
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a881d49563605518e50b6e1e99f7c92a0c091467af04c3d89997ebaa709122db
a8c0c3075009a1221cfcf4309d19e52f8a44ba96faa9ef19fceae79c70cb73e2
aa1b1f126848501aaafcc8a3b57c09394082069e64a82e7d621812eb211fa829
aa20e0694e610b40c2ca752ccc4065cff39d2d8a27ea5c79e8a45b083b2fe543
aa7e757c6fe7ac60acd39f61bd2a988e5fc4cfe3945365085bc13e68ad6d00b8
aafab1bbf1bf73a07d3b212ac5da4160e56ec9b19fdddf7a806a439971cb4f14
ab014815136a1e857de107009645c4ebca275f85814b1223a573da0c75e42ed4
ae50cc6346d669713997e8e999157e771009214a56da5d02ce3d8197e1752f11
afa0da6b113610af3d37cdcd2f8bb15f1f589ff7344ded37c49cb15eded0b9dd
b0302b9353fb6cf625ab8f1d02c76612a4553d7a9536d1af099b74a7059d539a
b0db68555f71955e6a1c06afac55fb541362b4cf5b85b64e3c2bee89fe571b80
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c7cd994a3c3ee573fc0a7c8b34fd7fff72081387dd843cd2248529c3a97928
b2a172e113a53d1a73ea479816424e1aaff50735bd288f0c2fc3bc030bbdc1de
b572cf9e0a4c5b883208ba60d1e830cc4a72cbcf530a6b9c57316cf9a5a322b2
b68d22aa26dc4aed4c8216dbcb96e184fc1fb3c56bff363a2f8d462a97df5f2f
b78ba9a9da795dc8e7b8cb0ccf7fbdb051625ea9e73d223e6c9462dfd82966c5
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5
bb2dbaadaed170d3e17c6f8071b8acedaa2075dd69c2d3b3c4c72fd758984153
bcd10623c3661a43532d0628632e69aa0de45c1d94007618b70ffcedfbd997c5
be2f8c4c5b1e60ac194bca122d362942eff37605dbc7146ebc838c3392698b83
c121271299d3fcb7544cd07b6fdc800c434624558dade4763692ebdfa8957170
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c
c22076d7e7e05feb763df3d42d7e6511cd0ca0711c3ae7e3d87dc2dbf281911b
c2350557e6bbc4811dd8a9443af0971ccf3f7a75b061f811895ca99205b4338d
c6827d67a772e01ddbfd109f34240505f05e4ccf454cd53c464f06835e4d5b4d
c7b0ad786dc054fd743e8637f66376f93c341694b3c336d88a5a063f821bed9d
c7ba630c5e8051c458623ce0cd5c85786951d808478682ea17bc7626c0490718
c7bdb57e5d54c01f4b9486c4b208131eac2c22406d8bfac4253cd849e3976bf6
c84277f8192944e3a010d4f824a88b7f46ed9170bbf07023e36894bdc707a91d
ca814dd3a726abb8a65314b7c4efabc2c7fa6b2f22eeb78b01116f5a098594d7
ca8dedb472f150371162a892cc590ba1061cf414ab7f9580c42d5077e8e739a8
ccdfd765ba0dec5d4f4e8c8dba1059533809683f12e8867f4e174e67e85e3f1b
ccf6c4fc1647c898eba16894b4aff72451dc0ca310f8c94f4b88c80c5e33f5b3
cdf055ab24215b4a4805c4bcae0a1e96f842fd68a896768b1375f31c5d53e7b8
cdf4be3a3602edd7ca1fc512a7fc2d39fd47952d6d801073dd66f250de56c509
cf28dac7b73694092e53718be143a009158d3f8390951ae720792ebe8aa3724b
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d04ba90ca75f88c90a4f2683e7f2a6acecc2a4e72ae87a6d451ba9ed895e4969
d3028f66d759cbe51e353b8ac52e151580f3a2cb88426b79f65641bd2cdce9e1
d3597e843ad46b63ecdc3cf5f6cf00091f54676223c096447ebcf36541674453
d428c7ac629b28a8ad5dbb115fd7eb28e82c461190a8d15946279f3cd33133e3
d464202e33f58e38635d41e9f2a119bb8ffa4e4e191b87c0238ea38e2c944e0d
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d7b60ac1202a238b276793327294ee17b6f1ed5bcac48dfa7a9e9a3402223392
d7e2815804eb27b8bd43ffb748243a6a570efb54e198e6bdde93d9fa8a7d633c
d8fca9a6ad43d6ff6926bf2e6355dfa048d6af909a08c31d3f0c110a0dc9b7ca
d933119d35f2e7a69f9a2776dd7e2d6598d81ac4a6b5630622dc948bacf4487b
da89c24c1ea4cb1cd2cf082f59934229eeb0a17bc0b417f863b78c0051677423
da89e7bc599b6f9cfccaf006d63215a7ec23f07e9a9128596aaebad1587dd528
daddddf37e467f740a448ab4b7937972c317eacde77fa5d8d3c77d23b59d5fd6
ddbaa30474a0dd8dcae3f15cf0911c9077e1bdd6de7ab8b0481ab95697573680
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea5132d2cc2a09123e0b62295bf61dc72fe922673ea4cb2ae48f37b026922f3
dee7336d410e6fffffff89abb65b69408c5b5627685c2c527f559a89bea9b1f4
df2b77604e1765452d3f5a490f5bccb3b9e551776f4d02de4a1474e2325531d2
df8ce2c35bd1b3b938cd7ac05c786104e1898738350e6fe579f390efed17f611
e0a93c553657f106f0c3fef50c552b0b0eaa93ad12d3add4db5c6e6cfa48647d
e24a1ab93ad521971e950c93d7780fb7576abd602300acf820c20030f600ed7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df8ce96d6a9012ef555f4754564b8f75b94c5d222f5852ca1d4c447d622767
e59a5be1286a252228cfde6cfdb37bca03bfbaf8b7f0208b2268e9b11e122457
e620e7b947cf900fd1c95cbe0e810c7b2e5ae7991c2af25260a31328b24a99d7
e91ffc0c20afcae1d57a881e772b3871019e1aa12a9b44575f06411d21972bb8
eaf5b77f5331d8ae99a406bcd3cc58afd0967997b3b2e6a322573bc627b6420f
ecdd6d6f78d3b5ad2afb748c897cf9df471d624ec7c4fcbdcf439c60e85c3067
ed7cdf9848d354144f9d2c984c32194a896a8cabbc9e5118ba97a6af951d1408
ed9127a490966bc0fa00458289c14693d4bc62745f5e707728114b4194f72e20
edd7eb8401a6944536117777a31c5b5ec69c46e6a55a7ec1bb692a0fe7b14465
ef05fb17b7a17a3a3babe8d829aeccf6120662f038816b9ba760bf380db96ed1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef27dce070184c91dc78967fae3e0d2abe4e33aee447796b9ab665de40387a89
ef7d6de93417764a72cc1b51da94dc08496cb30a8a4288205943fbca19d52907
f280711898dd279348bbdf0fd10d7b22f9d0de316a5597b9cb4e1d8c86c5d3b2
f2eb4da3652ed4a60bdc7aa946178d9d2d1145396f38f3c062c5968e28189678
f3bdd380ab6051b1d03748c25d325215041d3831eeafe9aad601b49517ed85ab
f55cecd6f14f56211192a2a9e89689e16d2899ec397b9d66cc6d880fe560a1da
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6a429e9cdeccf63ddd42e07e7dc32cc70af5f09a4245898fcd2f0271ff0d14d
f6f49fb64035e430aff73adfc28321fda9bacb18288e4ce7a71c2bdeeee3a137
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f87d75dccc5755a86f3e67905f666ede093a3952c4c75aa6717f29d8deb29850
f9affb85d09f506d397a78c337ae9fe86c248384a20d18b28ed7269f12516428
fa1ad7864a46469b8e3528bb0634d55e66317c717c4f56a95acb627bf0fb8efa
fa3991df227d7f547b7528861dd99a5fdb9314489c75fd8792a508432cfd26a2
fb88141ef60de2d3b5bc3a60922b67be87462884c49691e269d3e715fbb9aa1a
fc01b80911d4def44cec532d2fe211a711b9ec99e2c2a8bfead58aa0f7bbe759
fdd72327e22ee7248d0072cc64b26cb12644d4dd510da710ce10e09dc4ba79df
fed55fed1498e4a617d2335a3df309ff760d90747300cf29a60526d43c7b9906
ff62dc9f8def2033a0fa233f572f9c6682f7c1e5c9dced2587bd2e402f7d91b1
ffa6a1b641eec8f6b0f3c96ff6c2023bd244601c92fe6f9e72de5dbe0552300c