urlscan.io logo urlscan.io
SecurityTrails logo

ad.tpmn.co.kr Open in urlscan Pro
34.102.166.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%...
Effective URL: https://ad.tpmn.co.kr/adReqSb.tpmn?ii=17798&pi=pnut&impi=65753&bucket=&out=ifr&pb=https%3A%2F%2Fmedia.adpnut.com%2Fcgi...
Submission: On October 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 7 countries across 24 domains to perform 32 HTTP transactions. The main IP is 34.102.166.132, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ad.tpmn.co.kr. The Cisco Umbrella rank of the primary domain is 5116.
TLS certificate: Issued by GTS CA 1D4 on August 11th 2023. Valid for: 3 months.
This is the only time ad.tpmn.co.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.102.166.132 396982 (GOOGLE-CL...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.65.107.250 16509 (AMAZON-02)
1 1 167.235.184.171 24940 (HETZNER-AS)
1 162.210.196.208 30633 (LEASEWEB-...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
2 23.35.236.201 16625 (AKAMAI-AS)
1 2 198.47.127.19 3257 (GTT-BACKB...)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
1 178.250.7.11 44788 (ASN-CRITE...)
2 2 185.89.211.12 29990 (ASN-APPNEX)
2 198.47.127.205 62713 (AS-PUBMATIC)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 185.64.191.210 62713 (AS-PUBMATIC)
6 6 142.250.181.226 15169 (GOOGLE)
1 52.18.182.246 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 34.91.62.186 396982 (GOOGLE-CL...)
2 2 37.157.5.132 198622 (ADFORM)
1 52.223.40.198 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
32 17
4    34.102.166.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.166.102.34.bc.googleusercontent.com
ad.tpmn.co.kr
1    2606:4700::6813:d524 (United States)

ASN13335 (CLOUDFLARENET, US)
flx973.lporirxe.com
1    2606:4700::6811:6bd4 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
1    3.65.107.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-107-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
6    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    52.18.182.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
9 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
26 KB
6 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
2 KB
4 tpmn.co.kr
ad.tpmn.co.kr — Cisco Umbrella Rank: 5116
3 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144
899 B
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
746 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
42 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
2 KB
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
125 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
149 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
612 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
589 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 4312
413 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3690
351 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
146 B
1 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 10866
231 B
1 lporirxe.com
flx973.lporirxe.com — Cisco Umbrella Rank: 387848
283 B
0 digitalcamp.co.kr Failed
tracker.digitalcamp.co.kr Failed
0 audrte.com Failed
a.audrte.com Failed
0 amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 mmnneo.com Failed
info.mmnneo.com Failed
0 meba.kr Failed
cm.meba.kr Failed
0 appier.net Failed
gocm.c.appier.net Failed
32 24
Domain Requested by
6 cm.g.doubleclick.net 6 redirects
4 ad.tpmn.co.kr ad.tpmn.co.kr
ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 static.criteo.net ad.tpmn.co.kr
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 ib.adnxs.com 2 redirects
2 bidder.criteo.com static.criteo.net
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com ad.tpmn.co.kr
ads.pubmatic.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 match.adsrvr.org ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.aralego.com ad.tpmn.co.kr
1 inv-nets.admixer.net 1 redirects
1 x.bidswitch.net ad.tpmn.co.kr
1 pre.glotgrx.com ad.tpmn.co.kr
1 flx973.lporirxe.com 1 redirects
0 tracker.digitalcamp.co.kr Failed ad.tpmn.co.kr
0 a.audrte.com Failed ads.pubmatic.com
0 aax-eu.amazon-adsystem.com Failed ads.pubmatic.com
0 info.mmnneo.com Failed ad.tpmn.co.kr
0 cm.meba.kr Failed ad.tpmn.co.kr
0 gocm.c.appier.net Failed ad.tpmn.co.kr
32 29

This site contains no links.

Subject Issuer Validity Valid
ad.tpmn.co.kr
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh

This page contains 8 frames:

Primary Page: https://ad.tpmn.co.kr/adReqSb.tpmn?ii=17798&pi=pnut&impi=65753&bucket=&out=ifr&pb=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2Fpelicanc.dll%3Fimpr%3Fpageid%3D02du%26campaignid%3D019m%26gothrough%3Dnextgrade%26out%3Diframe&fr=1&loc=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2Fpelicanc.dll%3Fimpr%3Fpageid%3D02du%26grade%3D4%26out%3Diframe
Frame ID: 5F4C46F663F64E45AC43178B7E065D63
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Frame ID: 2331AE9B89EDC0D2694F5BB412A81290
Requests: 12 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 18B0CF4D15FA7DEC7B7E069526498F42
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D4C2B48-4DFA-48CE-A428-40C156D634A8&redir=true&gdpr=0&gdpr_consent=
Frame ID: 61A89EC97621A1AE5EBF815B2283261F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6190674832284540741&gdpr=0&gdpr_consent=
Frame ID: 457B7EDAF3C0C6BB1FA48B302AC7B79C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2
Frame ID: 024EB7DA1D3D060FB8F62F48C81FEDFF
Requests: 1 HTTP requests in this frame

Frame: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=ef82e8b3b9d3f1af3fc1d657f090b412&tpmn_buid=3D4C2B48-4DFA-48CE-A428-40C156D634A8
Frame ID: 969067D6C40E53A4CA4FB7023E245559
Requests: 1 HTTP requests in this frame

Frame: https://tracker.digitalcamp.co.kr/?ODI5&url=https%3A%2F%2Fad.tpmn.co.kr%2FadReqSb.tpmn%3Fii%3D17798%26pi%3Dpnut%26impi%3D71754%26bucket%3D%26out%3Difr%26pb%3Dhttps%253A%252F%252Fmedia.adpnut.com%252Fcgi-bin%252Fpelicanc.dll%253Fimpr%253Fpageid%253D02du%2526campaignid%253D019m%2526gothrough%253Dnextgrade%2526out%253Diframe%26fr%3D1%26loc%3Dhttps%253A%252F%252Fmedia.adpnut.com%252Fcgi-bin%252Fpelicanc.dll%253Fimpr%253Fpageid%253D02du%2526grade%253D4%2526out%253Diframe
Frame ID: 683642322DD3167E724D96965AB677EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/... Page URL
  2. https://ad.tpmn.co.kr/adReqSb.tpmn?ii=17798&pi=pnut&impi=65753&bucket=&out=ifr&pb=https%3A%2F%2Fme... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

32
Requests

59 %
HTTPS

22 %
IPv6

24
Domains

29
Subdomains

17
IPs

7
Countries

74 kB
Transfer

166 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe Page URL
  2. https://ad.tpmn.co.kr/adReqSb.tpmn?ii=17798&pi=pnut&impi=65753&bucket=&out=ifr&pb=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2Fpelicanc.dll%3Fimpr%3Fpageid%3D02du%26campaignid%3D019m%26gothrough%3Dnextgrade%26out%3Diframe&fr=1&loc=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2Fpelicanc.dll%3Fimpr%3Fpageid%3D02du%26grade%3D4%26out%3Diframe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://flx973.lporirxe.com/flp/impimg.php?qid=53632313f523732313f5337393&cid=973&p=pnut&s=https%3A%2F%2Fmlbpark.donga.com&x=&nci=&adtg=17798&nai=&si=&h=&w=&bp=&pp=&ci=&ip=&ai=banner&di=&pn=&ua=&lat=&lon=&mm=&os= HTTP 301
  • https://pre.glotgrx.com/impimg.gif?qid=53632313f523732313f5337393&cid=973&p=pnut&s=https%3A%2F%2Fmlbpark.donga.com&x=&nci=&adtg=17798&nai=&si=&h=&w=&bp=&pp=&ci=&ip=&ai=banner&di=&pn=&ua=&lat=&lon=&mm=&os=&flsrc=1
Request Chain 5
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=51DC18E4-86E3-42DE-9A82-341B2CB39C2E&id=0589d8aaa96243fab344f0de9686d6f7&rurl=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Dbf91e8b3b9d3f1af3fc1d657f090b4ec%26tpmn_buid%3D%24%24visitor_cookie%24%24 HTTP 302
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=bf91e8b3b9d3f1af3fc1d657f090b4ec&tpmn_buid=7a482f1a10624a88ba62e386609f6d2a
Request Chain 14
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6190674832284540741&gdpr=0&gdpr_consent=
Request Chain 15
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2
Request Chain 17
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PUwrSE36SM6kKEDBVtY0qA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PUwrSE36SM6kKEDBVtY0qA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 19
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3904259957 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3D4C2B48-4DFA-48CE-A428-40C156D634A8
Request Chain 21
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q0QzJCNDgtNERGQS00OENFLUE0MjgtNDBDMTU2RDYzNEE4&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q0QzJCNDgtNERGQS00OENFLUE0MjgtNDBDMTU2RDYzNEE4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 22
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAC5l-zHiEmtgryrLjnVFas&google_cver=1
Request Chain 24
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=567454242791822533

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
adreqsb.tpmn
ad.tpmn.co.kr/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
54434d2c3aa8592b56404262f3bf95d4c334e7a7aa89e9fa3a663be074ad5205

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=utf-8
date
Wed, 04 Oct 2023 12:58:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
vary
accept-encoding
via
1.1 google
impimg.gif
pre.glotgrx.com/
Redirect Chain
  • https://flx973.lporirxe.com/flp/impimg.php?qid=53632313f523732313f5337393&cid=973&p=pnut&s=https%3A%2F%2Fmlbpark.donga.com&x=&nci=&adtg=17798&nai=&si=&h=&w=&bp=&pp=&ci=&ip=&ai=banner&di=&pn=&ua=&la...
  • https://pre.glotgrx.com/impimg.gif?qid=53632313f523732313f5337393&cid=973&p=pnut&s=https%3A%2F%2Fmlbpark.donga.com&x=&nci=&adtg=17798&nai=&si=&h=&w=&bp=&pp=&ci=&ip=&ai=banner&di=&pn=&ua=&lat=&lon=&...
26 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/impimg.gif?qid=53632313f523732313f5337393&cid=973&p=pnut&s=https%3A%2F%2Fmlbpark.donga.com&x=&nci=&adtg=17798&nai=&si=&h=&w=&bp=&pp=&ci=&ip=&ai=banner&di=&pn=&ua=&lat=&lon=&mm=&os=&flsrc=1
Requested by
Host: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
H2
Server
2606:4700::6811:6bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.tpmn.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 22:34:31 GMT
server
cloudflare
age
6534
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
810d981c68a3085a-FRA
content-length
26
expires
Wed, 04 Oct 2023 14:58:03 GMT

Redirect headers

location
https://pre.glotgrx.com/impimg.gif?qid=53632313f523732313f5337393&cid=973&p=pnut&s=https%3A%2F%2Fmlbpark.donga.com&x=&nci=&adtg=17798&nai=&si=&h=&w=&bp=&pp=&ci=&ip=&ai=banner&di=&pn=&ua=&lat=&lon=&mm=&os=&flsrc=1
date
Wed, 04 Oct 2023 12:58:03 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
810d981beac49b7d-FRA
vary
Accept-Encoding
expires
Wed, 04 Oct 2023 13:58:03 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=tpmn
Requested by
Host: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.107.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-107-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.tpmn.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tpmn
gocm.c.appier.net/ 		0
0
/
cm.meba.kr/cm.mezzo/ 		0
0
pixelCt.tpmn
ad.tpmn.co.kr/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=51DC18E4-86E3-42DE-9A82-341B2CB39C2E&id=0589d8aaa96243fab344f0de9686d6f7&rurl=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Dbf91e8b3b9d3f1af3fc...
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=bf91e8b3b9d3f1af3fc1d657f090b4ec&tpmn_buid=7a482f1a10624a88ba62e386609f6d2a
170 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=bf91e8b3b9d3f1af3fc1d657f090b4ec&tpmn_buid=7a482f1a10624a88ba62e386609f6d2a
Requested by
Host: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
H2
Server
34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.tpmn.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 12:58:03 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary
accept-encoding
content-type
image/png;charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 04 Oct 2023 12:58:03 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=bf91e8b3b9d3f1af3fc1d657f090b4ec&tpmn_buid=7a482f1a10624a88ba62e386609f6d2a
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
getGuidRedirect.info
info.mmnneo.com/ 		0
0
idSync
sync.aralego.com/ 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync?redirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Dde91e8b3b9d3f1af3fc1d657f090b815%26tpmn_buid%3DSspCookieUserId
Requested by
Host: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.tpmn.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
connection
close
content-length
35
content-type
image/gif
publishertag.js
static.criteo.net/js/ld/ 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.tpmn.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-1ffad"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Oct 2023 12:58:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2331 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Requested by
Host: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ad.tpmn.co.kr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58045
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 04 Oct 2023 12:58:03 GMT
expires
Thu, 05 Oct 2023 05:05:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 2331 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96530808&p=161580&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
3e5e14a15c93ddd18075d4ecd1770fb7a055e1c6f0334da51cfd16ccf8514496

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 04 Oct 2023 12:58:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=141&profileId=184&cb=86181306985
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ad.tpmn.co.kr/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://ad.tpmn.co.kr
date
Wed, 04 Oct 2023 12:58:03 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
usersync.aspx
dis.criteo.com/dis/ Frame 18B0 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 12:58:03 GMT
expires
Wed, 04 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
185706
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 61A8 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 457B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6190674832284540741&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6190674832284540741&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 12:58:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7565686c-9696-4792-b794-f292ac459fbb
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 12:58:03 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6190674832284540741&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.29; 217.114.218.29; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 024E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2
42 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 12:58:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 04 Oct 2023 12:58:03 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
pixelCt.tpmn
ad.tpmn.co.kr/ Frame 9690 		170 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=ef82e8b3b9d3f1af3fc1d657f090b412&tpmn_buid=3D4C2B48-4DFA-48CE-A428-40C156D634A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
image/png;charset=utf-8
date
Wed, 04 Oct 2023 12:58:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
vary
accept-encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2331
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PUwrSE36SM6kKEDBVtY0qA%3D%3D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PUwrSE36SM6kKEDBVtY0qA%3D%3D&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=58045
accept-ranges
bytes
content-length
5606
expires
Thu, 05 Oct 2023 05:05:28 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 12:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 2331 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3D4C2B48-4DFA-48CE-A428-40C156D634A8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 12:58:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.135
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 2331
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3904259957
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3D4C2B48-4DFA-48CE-A428-40C156D634A8
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3D4C2B48-4DFA-48CE-A428-40C156D634A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 12:58:03 GMT
via
1.1 google
last-modified
Wed, 04 Oct 2023 12:58:03 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3D4C2B48-4DFA-48CE-A428-40C156D634A8
date
Wed, 04 Oct 2023 12:58:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
match
a.audrte.com/ Frame 2331 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 2331
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q0QzJCNDgtNERGQS00OENFLUE0MjgtNDBDMTU2RDYzNEE4&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q0QzJCNDgtNERGQS00OENFLUE0MjgtNDBDMTU2RDYzNEE4&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 12:58:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 12:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2331
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAC5l-zHiEmtgryrLjnVFas&google_cver=1
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAC5l-zHiEmtgryrLjnVFas&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 12:58:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 12:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAC5l-zHiEmtgryrLjnVFas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2331 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 03 Oct 2023 12:58:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2331
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=567454242791822533
42 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=567454242791822533
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 12:58:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 12:58:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=567454242791822533
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 2331 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58292/ Frame 2331 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D4C2B48-4DFA-48CE-A428-40C156D634A8&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161580&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fad.tpmn.co.kr%2FpixelCt.tpmn%3Ftpmn_nid%3Def82e8b3b9d3f1af3fc1d657f090b412%26tpmn_buid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Primary Request adReqSb.tpmn
ad.tpmn.co.kr/ 		1 KB
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.tpmn.co.kr/adReqSb.tpmn?ii=17798&pi=pnut&impi=65753&bucket=&out=ifr&pb=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2Fpelicanc.dll%3Fimpr%3Fpageid%3D02du%26campaignid%3D019m%26gothrough%3Dnextgrade%26out%3Diframe&fr=1&loc=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2Fpelicanc.dll%3Fimpr%3Fpageid%3D02du%26grade%3D4%26out%3Diframe
Requested by
Host: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
5599b846463c0bd6a4e479c8e27772196e5ca3fa797faa14fc618b83b4a2757f

Request headers

Referer
https://ad.tpmn.co.kr/adreqsb.tpmn?ii=17798&pi=pnut&out=ifr&pb=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019m%26gothrough%3dnextgrade%26out%3diframe&ru=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26campaignid%3d019n%26gothrough%3dnextgrade%26out%3diframe&loc=https%3a//media.adpnut.com/cgi-bin/pelicanc.dll%3fimpr%3fpageid%3d02du%26grade%3d4%26out%3diframe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=utf-8
date
Wed, 04 Oct 2023 12:58:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
vary
accept-encoding
via
1.1 google
events
bidder.criteo.com/csm/ 		0
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ad.tpmn.co.kr/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ad.tpmn.co.kr
date
Wed, 04 Oct 2023 12:58:03 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.tpmn.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 28 Sep 2024 12:58:03 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.tpmn.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 28 Sep 2024 12:58:03 GMT
/
tracker.digitalcamp.co.kr/ Frame 6836 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/tpmn
Domain
cm.meba.kr
URL
https://cm.meba.kr/cm.mezzo/?buyerid=0589d8aaa96243fab344f0de9686d6f7&partnerkey=tpmn
Domain
info.mmnneo.com
URL
https://info.mmnneo.com/getGuidRedirect.info?url=https%3A%2F%2Fad.tpmn.co.kr%2Fcookiesync.tpmn%3Ftpmn_nid%3Dbf91e8b3b9d3f1af3fc1d657f090b4fb%26tpmn_buid%3D
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D4C2B48-4DFA-48CE-A428-40C156D634A8&redir=true&gdpr=0&gdpr_consent=
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3D4C2B48-4DFA-48CE-A428-40C156D634A8
Domain
tracker.digitalcamp.co.kr
URL
https://tracker.digitalcamp.co.kr/?ODI5&url=https%3A%2F%2Fad.tpmn.co.kr%2FadReqSb.tpmn%3Fii%3D17798%26pi%3Dpnut%26impi%3D71754%26bucket%3D%26out%3Difr%26pb%3Dhttps%253A%252F%252Fmedia.adpnut.com%252Fcgi-bin%252Fpelicanc.dll%253Fimpr%253Fpageid%253D02du%2526campaignid%253D019m%2526gothrough%253Dnextgrade%2526out%253Diframe%26fr%3D1%26loc%3Dhttps%253A%252F%252Fmedia.adpnut.com%252Fcgi-bin%252Fpelicanc.dll%253Fimpr%253Fpageid%253D02du%2526grade%253D4%2526out%253Diframe

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| access

24 Cookies

Domain/Path Name / Value
.tpmn.co.kr/ Name: uuid
Value: 0589d8aaa96243fab344f0de9686d6f7
.admixer.net/ Name: am-uid
Value: 7a482f1a10624a88ba62e386609f6d2a
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3D4C2B48-4DFA-48CE-A428-40C156D634A8
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1697587200%3A241_235_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1697587200%3A21_3_54_251_8_220_13_56%7C1697673600%3A35%7C1696982400%3A223
.weborama.fr/ Name: AFFICHE_W
Value: PofW1JlINEA@76
.adnxs.com/ Name: uuid2
Value: 6190674832284540741
.simpli.fi/ Name: suid
Value: A5496CFDBE80489D884D3A76D76C057D
.tpmn.co.kr/ Name: admixernet
Value: 7a482f1a10624a88ba62e386609f6d2a
.quantserve.com/ Name: d
Value: EOcBCwGNKvijAA
.quantserve.com/ Name: mc
Value: 651d615b-ccb35-805a3-ea32c
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkJ82ld_xkI0bjs6tIhZ3cH7dfRh-NC6FqOd6Cn5t95vaOX46Nr3Txf0iIJexw
.adform.net/ Name: uid
Value: 567454242791822533
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: c96ef02d-cada-3c93-bc6e-1be64fe01dc1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6190674832284540741&KRTB&23339-6190674832284540741
.pubmatic.com/ Name: PugT
Value: 1696424282
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-567454242791822533&KRTB&23263-567454242791822533&KRTB&23481-567454242791822533
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2&KRTB&19420-ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2&KRTB&22979-ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2&KRTB&23403-ELjpUxC87VUL7rtVFbj1Dxa4uQQL6LkEFO7MkVM2
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAC5l-zHiEmtgryrLjnVFas&KRTB&23025-CAESEAC5l-zHiEmtgryrLjnVFas&KRTB&23386-CAESEAC5l-zHiEmtgryrLjnVFas
.tpmn.co.kr/ Name: pubmatic
Value: 3D4C2B48-4DFA-48CE-A428-40C156D634A8
ad.tpmn.co.kr/ Name: JSESSIONID
Value: BDC2CD0B889D86B45E47148F9D9663D3

1 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3D4C2B48-4DFA-48CE-A428-40C156D634A8&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
ad.tpmn.co.kr
ads.pubmatic.com
bidder.criteo.com
c1.adform.net
cm.g.doubleclick.net
cm.meba.kr
cms.quantserve.com
cr.frontend.weborama.fr
dis.criteo.com
flx973.lporirxe.com
gocm.c.appier.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
info.mmnneo.com
inv-nets.admixer.net
match.adsrvr.org
pre.glotgrx.com
simage2.pubmatic.com
static.criteo.net
sync.aralego.com
sync.crwdcntrl.net
tracker.digitalcamp.co.kr
um.simpli.fi
ups.analytics.yahoo.com
x.bidswitch.net
a.audrte.com
aax-eu.amazon-adsystem.com
cm.meba.kr
gocm.c.appier.net
info.mmnneo.com
tracker.digitalcamp.co.kr
142.250.181.226
162.210.196.208
167.235.184.171
178.250.7.11
185.64.191.210
185.89.211.12
198.47.127.19
198.47.127.205
23.35.236.201
2606:4700::6811:6bd4
2606:4700::6813:d524
2620:116:800d:21:e365:4988:e8a7:3270
2a02:2638:3::3
2a02:2638:3::7
3.65.107.250
3.71.149.231
34.102.166.132
34.111.129.221
34.111.131.239
34.91.62.186
37.157.5.132
52.18.182.246
52.223.40.198
38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e5e14a15c93ddd18075d4ecd1770fb7a055e1c6f0334da51cfd16ccf8514496
54434d2c3aa8592b56404262f3bf95d4c334e7a7aa89e9fa3a663be074ad5205
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5599b846463c0bd6a4e479c8e27772196e5ca3fa797faa14fc618b83b4a2757f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423