Submitted URL: http://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30
Effective URL: https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRed...
Submission: On November 16 via manual from KR — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 10 domains to perform 34 HTTP transactions. The main IP is 119.205.238.29, located in Korea, Republic Of and belongs to KIXS-AS-KR Korea Telecom, KR. The main domain is www.mediacategory.com.
TLS certificate: Issued by Thawte RSA CA 2018 on October 16th 2019. Valid for: 2 years.
This is the only time www.mediacategory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 119.205.238.29 4766 (KIXS-AS-K...)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.0.165 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 14.0.113.205 38107 (CDNETWORK...)
1 143.204.98.28 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 13.209.237.228 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
34 16
Domain Requested by
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com compass.adop.cc
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 static.criteo.net www.mediacategory.com
3 www.mediacategory.com 1 redirects www.mediacategory.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 bidder.criteo.com static.criteo.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 data.adop.cc compass.adop.cc
1 adopdmp.adop.cc compass.adop.cc
1 compass.adop.cc www.mediacategory.com
1 img.mobon.net www.mediacategory.com
1 mug.criteo.com
34 16

This site contains no links.

Subject Issuer Validity Valid
*.mediacategory.com
Thawte RSA CA 2018
2019-10-16 -
2021-12-14
2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-09 -
2021-12-07
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-09 -
2021-12-07
3 months crt.sh
*.mobon.net
Thawte RSA CA 2018
2021-05-26 -
2022-06-09
a year crt.sh
adop.cc
Amazon
2021-10-29 -
2022-11-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.adop.cc
Amazon
2021-01-05 -
2022-02-03
a year crt.sh
*.google.de
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.google.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
Frame ID: 6C11A233CBC0E4CBD8FE9EBE210EEF21
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mediacategory.com
Frame ID: D9EC0366607E325491DC1F500DB594A9
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?c2=528&s=17901&iwh=30&sslRedirect=Y&passback=criteono
Frame ID: 42FD623459A03DDCC35DADCA1E662937
Requests: 2 HTTP requests in this frame

Frame: https://compass.adop.cc/RD/aa1a5fa7-a3bd-4c78-a201-a42329b703d2?type=iframe&loc=http://www.nocutnews.co.kr/news/399499/c1=248&size_width=30&size_height=30&pbu=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno
Frame ID: D133A665867F7B1AD5A9B302B109BF6B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Frame ID: 748849FE0225B87B6D5F964222B734C6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 15A2A1BBAC9E0566E3FFC296A874F19C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: B1462A4D5B1E276483396A3B72F9CD15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A4B2E9772739728BA5FEB9BDF0228E6A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8BED505D2C21C24DD76FDC7D63CB01E4
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

criteo

Page URL History Show full URLs

  1. http://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s... HTTP 302
    https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s... Page URL

Page Statistics

34
Requests

97 %
HTTPS

60 %
IPv6

10
Domains

16
Subdomains

16
IPs

4
Countries

373 kB
Transfer

921 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30 HTTP 302
    https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediacategory.com&sn=ChromeSyncframe&so=0&topUrl=www.mediacategory.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=cswupHw3YXBXcnhXSy9ZbkJ5WVEwRnlyNEFNcXNsdnpnNlNTVWc1WjFPSU04Z0wrUXNDaFZMdE1sZXhTQzUxaHd5TDVCRm5RUzlINjRNY0kxY2xCWGRqYVBLV3lzYmlTeGkvQmhnYy8rR3EwcW1hYUZRRGpXU290MUZkM1BCRFlCdW00blh3VkxpSXpVcHhDcmx0ZVF6YVI4aG9jSDF1QTFPbEUyQldwMVFHVzZXVnhkRnIvcWZZWXlyWTJjTDZEZDVVRk83Ti9LeGN1bUZveVVyaGZKdVlibjhQTHZWUkw3UC9TeHpibGRId250ZVNzTzJXaWo5dThIZ2tJeEVGSkFQWVpjRXkyYlZTcnhBNGNzY0FVamVRaytTZz09fA&cppv=2
Request Chain 24
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request adBanner
www.mediacategory.com/servlet/
Redirect Chain
  • http://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30
  • https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
2 KB
2 KB
Document
General
Full URL
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
cf220cd5815526b553dff983b4ab743adbd4b4506b5c0643d2ce087c0dfbca95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Pragma
no-cache
Cache-Control
no-cache
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
vary
accept-encoding
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Transfer-Encoding
chunked
Date
Tue, 16 Nov 2021 02:48:25 GMT
Keep-Alive
timeout=5
Connection
keep-alive

Redirect headers

Pragma
no-cache
Cache-Control
no-cache
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Location
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
Content-Type
text/html;charset=euc-kr
Content-Length
0
Date
Tue, 16 Nov 2021 02:48:23 GMT
Keep-Alive
timeout=5
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:48:26 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-1d4ec"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Nov 2021 02:48:26 GMT
cdb
bidder.criteo.com/
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=2334824770
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Tue, 16 Nov 2021 02:48:25 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
syncframe
gum.criteo.com/ Frame D9EC
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mediacategory.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3288
date
Tue, 16 Nov 2021 02:48:25 GMT
content-length
4685
adBanner
www.mediacategory.com/servlet/ Frame 42FD
1 KB
1 KB
Document
General
Full URL
https://www.mediacategory.com/servlet/adBanner?c2=528&s=17901&iwh=30&sslRedirect=Y&passback=criteono
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
bd77db3e78906c8c6829334b887235539226bdf9cb6db0842750c9934c6dd070

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y

Response headers

Pragma
no-cache
Cache-Control
no-cache
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
vary
accept-encoding
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Transfer-Encoding
chunked
Date
Tue, 16 Nov 2021 02:48:26 GMT
Keep-Alive
timeout=5
Connection
keep-alive
events
bidder.criteo.com/csm/
0
194 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mediacategory.com
date
Tue, 16 Nov 2021 02:48:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:48:26 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 11 Nov 2022 02:48:26 GMT
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?from=http://www.nocutnews.co.kr/news/399499/c1=248&c2=528&s=17901&iwh=30&sslRedirect=Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:48:26 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 11 Nov 2022 02:48:26 GMT
sid
mug.criteo.com/ Frame D9EC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediacategory.com&sn=ChromeSyncframe&so=0&topUrl=www.mediacategory.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=cswupHw3YXBXcnhXSy9ZbkJ5WVEwRnlyNEFNcXNsdnpnNlNTVWc1WjFPSU04Z0wrUXNDaFZMdE1sZXhTQzUxaHd5TDVCRm5RUzlINjRNY0kxY2xCWGRqYVBLV3lzYmlTeGkvQmhnYy8rR3EwcW1hYUZRRGpXU290MUZkM1...
425 B
617 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=cswupHw3YXBXcnhXSy9ZbkJ5WVEwRnlyNEFNcXNsdnpnNlNTVWc1WjFPSU04Z0wrUXNDaFZMdE1sZXhTQzUxaHd5TDVCRm5RUzlINjRNY0kxY2xCWGRqYVBLV3lzYmlTeGkvQmhnYy8rR3EwcW1hYUZRRGpXU290MUZkM1BCRFlCdW00blh3VkxpSXpVcHhDcmx0ZVF6YVI4aG9jSDF1QTFPbEUyQldwMVFHVzZXVnhkRnIvcWZZWXlyWTJjTDZEZDVVRk83Ti9LeGN1bUZveVVyaGZKdVlibjhQTHZWUkw3UC9TeHpibGRId250ZVNzTzJXaWo5dThIZ2tJeEVGSkFQWVpjRXkyYlZTcnhBNGNzY0FVamVRaytTZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8ff7701eead32e8abd2a158176c93e15095538f8571c8e6a350ae37028a6662b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 16 Nov 2021 02:48:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3897
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 16 Nov 2021 02:48:26 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=cswupHw3YXBXcnhXSy9ZbkJ5WVEwRnlyNEFNcXNsdnpnNlNTVWc1WjFPSU04Z0wrUXNDaFZMdE1sZXhTQzUxaHd5TDVCRm5RUzlINjRNY0kxY2xCWGRqYVBLV3lzYmlTeGkvQmhnYy8rR3EwcW1hYUZRRGpXU290MUZkM1BCRFlCdW00blh3VkxpSXpVcHhDcmx0ZVF6YVI4aG9jSDF1QTFPbEUyQldwMVFHVzZXVnhkRnIvcWZZWXlyWTJjTDZEZDVVRk83Ti9LeGN1bUZveVVyaGZKdVlibjhQTHZWUkw3UC9TeHpibGRId250ZVNzTzJXaWo5dThIZ2tJeEVGSkFQWVpjRXkyYlZTcnhBNGNzY0FVamVRaytTZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3925
content-length
541
expires
0
referrer_ext.js
img.mobon.net/mediaCategory/js/ Frame 42FD
1 KB
2 KB
Script
General
Full URL
https://img.mobon.net/mediaCategory/js/referrer_ext.js?ver=0.1
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?c2=528&s=17901&iwh=30&sslRedirect=Y&passback=criteono
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.205 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6de82aa12d52e0970b0c0ffb7de65f8dc018844ad16de368dbf9a79bcb959a27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?c2=528&s=17901&iwh=30&sslRedirect=Y&passback=criteono
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 02:48:27 GMT
Via
1.1 PShgseSEL4zd34:1 (W), 1.1 PShgseSEL7jo101:5 (W), 1.1 PShgseSEL4aj146:9 (W)
Last-Modified
Wed, 23 Dec 2020 07:10:19 GMT
Server
PWS/8.3.1.0.8
Age
70394
ETag
"f225a6-4fd-5b71c624c62f4"
X-Ws-Request-Id
61931bfb_PShgseSEL4ka136_4946-46518
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4aj146GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1277
aa1a5fa7-a3bd-4c78-a201-a42329b703d2
compass.adop.cc/RD/ Frame D133
1 KB
1 KB
Document
General
Full URL
https://compass.adop.cc/RD/aa1a5fa7-a3bd-4c78-a201-a42329b703d2?type=iframe&loc=http://www.nocutnews.co.kr/news/399499/c1=248&size_width=30&size_height=30&pbu=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?c2=528&s=17901&iwh=30&sslRedirect=Y&passback=criteono
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
9e0475d7acac8f1aea39347c760a80fb916efef6a6297c80c3386fafdb67458f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/servlet/adBanner?c2=528&s=17901&iwh=30&sslRedirect=Y&passback=criteono

Response headers

content-type
text/html; charset=UTF-8
content-length
819
cache-control
public, max-age=300
content-encoding
gzip
date
Tue, 16 Nov 2021 02:48:28 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.15
x-cache
Miss from cloudfront
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8dvtyIOlCy91rctwT0ddmzl3oSdw9Lqkpdm5aZdY8nRJrwzXdnHd2w==
adop_sdk_p4.0.1.min.js
adopdmp.adop.cc/ Frame D133
18 KB
8 KB
Script
General
Full URL
https://adopdmp.adop.cc/adop_sdk_p4.0.1.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/aa1a5fa7-a3bd-4c78-a201-a42329b703d2?type=iframe&loc=http://www.nocutnews.co.kr/news/399499/c1=248&size_width=30&size_height=30&pbu=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5c00:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
509ad252be6b42da4d1b4c0eeaca785fd1f53b092e0e870f1fedb4ae92bf62c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 01:06:22 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 02:38:34 GMT
server
AmazonS3
age
6486127
etag
W/"8c7bca07717cb469b00f91427b45cca8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
cQZRQad7Puxxc7cvpf8WPhZuMQWOcMIwl1nEomo6Sjo3F4siVPGa9A==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D133
112 KB
40 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/aa1a5fa7-a3bd-4c78-a201-a42329b703d2?type=iframe&loc=http://www.nocutnews.co.kr/news/399499/c1=248&size_width=30&size_height=30&pbu=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72b871a7e59d8ff1a9bd2ddb9fa38c8348d90ba6721f6149936fb07dc7b20406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40272
x-xss-protection
0
server
cafe
etag
5834348599761379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Nov 2021 02:48:28 GMT
collect.php
data.adop.cc/ Frame D133
0
62 B
Image
General
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjExMTE2MDI0ODI4IiwiY3RyeSI6IkdCIiwiYWNpZCI6IkdCLTIxMTExNjAyNDgyOC02OTQxZmY1ZDk1Yzk0YzljIiwibmV0IjoiR29vZ2xlIGFkeCIsInppZCI6ImFhMWE1ZmE3LWEzYmQtNGM3OC1hMjAxLWE0MjMyOWI3MDNkMiIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk1LjAuNDYzOC41NCBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjE5NC4zNi4xMDguMTkiLCJmbG9jIjoiaHR0cCUzQSUyRiUyRnd3dy5ub2N1dG5ld3MuY28ua3IlMkZuZXdzJTJGMzk5NDk5JTJGYzElM0QyNDgiLCJjZHQiOiIyMTExMTYwMjQ4MjgiLCJkaXIiOiJ2IiwidHAiOiJpZnJhbWUiLCJyZWYiOiJodHRwcyUzQSUyRiUyRnd3dy5tZWRpYWNhdGVnb3J5LmNvbSUyRnNlcnZsZXQlMkZhZEJhbm5lciUzRmMyJTNENTI4JTI2cyUzRDE3OTAxJTI2aXdoJTNEMzAlMjZzc2xSZWRpcmVjdCUzRFklMjZwYXNzYmFjayUzRGNyaXRlb25vIiwidGl0bGUiOiIiLCJsb2ciOiJiYXNpYyJ9&aid=b0b3eb19-4adb-4091-ba7a-1929749aabf8&r=AmcTOPk
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RD/aa1a5fa7-a3bd-4c78-a201-a42329b703d2?type=iframe&loc=http://www.nocutnews.co.kr/news/399499/c1=248&size_width=30&size_height=30&pbu=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.209.237.228 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-209-237-228.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ Frame D133
267 KB
96 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1474238860523410&plah=compass.adop.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c35dbb0d53a71e6fb837181c8019c04da67e7dbce1204995a94d22c1ab9b3a0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98320
x-xss-protection
0
server
cafe
etag
14734621707495015592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 16 Nov 2021 02:48:28 GMT
integrator.js
adservice.google.de/adsid/ Frame D133
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=compass.adop.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1474238860523410&plah=compass.adop.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Nov 2021 02:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D133
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=compass.adop.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1474238860523410&plah=compass.adop.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Nov 2021 02:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7488
54 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1474238860523410&plah=compass.adop.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a59784bbf036677a03d5b74052519c267cb75b6678bd34931707c7c7b5300231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Nov 2021 02:48:28 GMT
server
cafe
content-length
23043
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Nov 2021 02:48:28 GMT
cache-control
private
10219391361030763221
tpc.googlesyndication.com/simgad/ Frame 7488
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10219391361030763221?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql2AGOeLAoGzq0mkASblRK6dyRKgw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07ca873fe84e755e7574b04ad5e97e05943ab3184492ed5ccb7139f1a7f0833b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 11:01:22 GMT
x-content-type-options
nosniff
age
56826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41105
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 07:57:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Nov 2022 11:01:22 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 7488
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 02:25:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7488
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 02:44:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7488
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Nov 2021 02:48:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7488
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 02:29:26 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7488
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 04:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11327
x-xss-protection
0
server
cafe
etag
10656063359522146397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 04:03:13 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 15A2
143 B
226 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 16 Nov 2021 02:37:41 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 15A2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
363 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Nov 2021 02:48:28 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Nov 2021 02:48:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Nov 2021 02:48:28 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7488
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f95fa0cb0e0c1a76c55755628cba81d3c0948cd42b7394bfcfcbf64b1deffab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame D133
12 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1474238860523410&plah=compass.adop.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09cc60565e77e1c3803e01bd7412da7e85c5b218e0ec5019b10f105c3706154e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Nov 2021 02:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9299
x-xss-protection
0
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame B146
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474238860523410&output=html&h=250&slotname=enl_nocutnews_rb_300x250_210618&adk=2579866863&adf=467761246&pi=t.ma~as.enl_nocutnews_rb_30_&w=300&format=300x250&url=https%3A%2F%2Fwww.nocutnews.co.kr%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dadopno&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637030908276&bpp=15&bdt=113&idt=80&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&correlator=2845888611080&frm=8&ife=1&pv=2&ga_vid=1617278443.1637030908&ga_sid=1637030908&ga_hid=722795458&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=30&ish=30&ifk=21187288&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=802271834976773&pem=293&loc=https%3A%2F%2Fwww.mediacategory.com%2Fservlet%2FadBanner%3Fc2%3D528%26s%3D17901%26iwh%3D30%26sslRedirect%3DY%26passback%3Dcriteono&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C30%2C30&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1r0x1dux1t7w&fsb=1&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 19:40:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
25675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Nov 2022 19:40:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D133
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1474238860523410&plah=compass.adop.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 16 Nov 2021 02:48:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A4B2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 16 Nov 2021 02:35:15 GMT
expires
Wed, 16 Nov 2022 02:35:15 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8BED
783 B
1000 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3a9f19045c911f128eb6d3ef28afe62468c47c4f0d784dc7ad3f41e1f5a53fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aiaxBpq2m4C4lKfyUj4/mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 16 Nov 2021 02:48:30 GMT
date
Tue, 16 Nov 2021 02:48:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-aiaxBpq2m4C4lKfyUj4/mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame A4B2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 19:40:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
25675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Nov 2022 19:40:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8BED
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=802271834976773&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame D133
0
119 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=802271834976773&bg=!3d6l3prNAAZQLpa_UC47ACkAdvg8Wrs__nObidCMonWDI6mH-aebm7JOZIuwcVpB4mRjDjtFShUZ8gIAAABjUgAAAAdoAQeZAvVKDArUZ0nNWiR71KdGGwK4xv1j8cexp7qPBOKcDZXdrdQCTCU6aFVJKMLl0x-4Z1nZAMflYjca4Fj1qSTzbfM3rvXDOPC7E94eFGZ521KthXpniHK9MGEOHR127i-YCCHo9oN6C3nEB4ykos-W58ydj-zU5a07-zt61o_6PZlEc7DvHbSkO9EZP2CWQ1tPyfS_y85efWjf7bftIK_xa9fCEaGOPdYl5Y_dL7n8qqPFOo-9mGjpJu-mxPK1a6tz1jqDN4kYlGnHT8SCBfHVc4j9SaeJHtytaON-EMzDMJi_j2hAfT7BaUh7zGttuUxklvm_87G3Z45QxW4Dp6-WwgOYXB20lNBT_iebamYcJs8pfmf9MKcrJlyGu8s2EgQjf51-psR-Z-163Vf51lIVXvmDdcZN0iKbdreMdmJqcZV7FtNh-nqg00No44VQfNMj2QB5_UcHQ9WLDqcgluWC6JpDJ62hz7rNAJl-T9S4VO9m5QnTvypkd9ZDmJXCoCOgnTUub9H_bA2jx-OmKAJzSbe_B6wOQm0somJzxJ-o-JJYY8H2r9x4jrGXn3-zXlD23hUb_zkDl-kHjm92xHt2FvrI7w9-g2fJDYH2R4Viy2-4E0U0qvZSXqgvd-s-8vI2gk8VI39r9lWMpmuc-J-vKFRbwHuKJSVhPTk9W9jWhYiaQUXqOO2UFruQQu9U9MGUjrZmikx4F0toqzBxQVTYz7R_dcKJRR0ggp1aQJQX8PghaaK8pzAa9eFcw-QlY0XzKBfucO0cJ-DQVrNNz5vipj1tMqhc68sLciDW_Hz5tGvExyss5rnuX1QRZxGYMe2v2a6V5qTScOExyAumXh6WnnWcJbJyBVHb_XJSgm_ZwZGmWD056RHyEn-F9UUb2A6s8uHPcHue8nHHqhsd34jNnUulYU5QJH-QLe02mr7qsSxZICcJ4aO-NyPZ6VkQnBuRqFJmTa-NAT6KGlRnbOEkTOtsgGjoNvZjFTT621CylT8xt101efiU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://compass.adop.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Nov 2021 02:48:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| siteURL string| loc string| zoneid string| passback_url string| elpwidth string| elpheight object| Criteo object| googletag object| criteo_pubtag object| criteo_pubtag_116 object| Criteo_116

11 Cookies

Domain/Path Name / Value
.mediacategory.com/ Name: Start_Time
Value: "2021111611"
.mediacategory.com/ Name: s_IP_info
Value: "194.36.108.19.585249"
.mediacategory.com/ Name: s_au_id
Value: "e6fda3ce46cc279b-2faef99017d26a19c77-2cc8"
.mediacategory.com/ Name: iDev
Value: "(1637030905828)IP_info^194.36.108.19.585249#"
.criteo.com/ Name: uid
Value: 832a1555-f379-472f-8cc4-720bd888e3f4
.mediacategory.com/ Name: cto_bundle
Value: b4TK719UeE5lZ0FSb0l4dHljdnM0RWdsWjE3a05ZWHhqZHpXaTg2TlllbWd5dW9aRTA2azJkMkklMkZUbll1d0FBSlpqNkQ1NWYzYTZnd1ZOSjk5ZlVGdmtlNTdpQ0EyUzB1eHMzcWFIQzNQaSUyQkNPaFdXMDBnTFZValVQSXFPNjJzaXpBelloRml6Z3puY2Z0YjBEdkpIYnN0ZyUyQnclM0QlM0Q
.mediacategory.com/ Name: abTestType
Value: "(1637030906408)SG_BC^BC90#SG_BB^BB92#SG_BA^BA82#SG_AW^AW99#SG_AT^AT049#SG_AQ^AQ044#SG_AL^AL66#SG_AE^AE46#SG_AI^AI27#SG_AF^AF01#SG_AD^AD02#SG_AC^AC02#SG_AA^AA01#SG_Y^Y41#SG_R^R22#SG_P^P54#SG_N^N27#SG_K^K89#SG_H^H36#SG_D^D34#SG_C^C02#SG_B^B28#SG_A^A01#"
compass.adop.cc/ Name: ADOP_CID
Value: GB-211116024828-6941ff5d95c94c9c
compass.adop.cc/ Name: ADOP_P_U
Value: http%3A%2F%2Fwww.nocutnews.co.kr%2Fnews%2F399499%2Fc1%3D248
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkHXV1V5r3maZmL2Rs1rukV-9Ln7z1OTRL9nbjrYcvYq-iW3l1Na0jxbFzF

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adopdmp.adop.cc
adservice.google.com
adservice.google.de
bidder.criteo.com
compass.adop.cc
data.adop.cc
googleads.g.doubleclick.net
gum.criteo.com
img.mobon.net
mug.criteo.com
pagead2.googlesyndication.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.mediacategory.com
119.205.238.29
13.209.237.228
14.0.113.205
143.204.98.28
178.250.0.157
178.250.0.165
2600:9000:2156:5c00:18:69f:d880:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::2004
2a02:2638:1::3
2a02:2638::1c
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
07ca873fe84e755e7574b04ad5e97e05943ab3184492ed5ccb7139f1a7f0833b
09cc60565e77e1c3803e01bd7412da7e85c5b218e0ec5019b10f105c3706154e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
509ad252be6b42da4d1b4c0eeaca785fd1f53b092e0e870f1fedb4ae92bf62c4
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6de82aa12d52e0970b0c0ffb7de65f8dc018844ad16de368dbf9a79bcb959a27
6f95fa0cb0e0c1a76c55755628cba81d3c0948cd42b7394bfcfcbf64b1deffab
72b871a7e59d8ff1a9bd2ddb9fa38c8348d90ba6721f6149936fb07dc7b20406
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ff7701eead32e8abd2a158176c93e15095538f8571c8e6a350ae37028a6662b
9e0475d7acac8f1aea39347c760a80fb916efef6a6297c80c3386fafdb67458f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59784bbf036677a03d5b74052519c267cb75b6678bd34931707c7c7b5300231
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd77db3e78906c8c6829334b887235539226bdf9cb6db0842750c9934c6dd070
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c35dbb0d53a71e6fb837181c8019c04da67e7dbce1204995a94d22c1ab9b3a0c
cf220cd5815526b553dff983b4ab743adbd4b4506b5c0643d2ce087c0dfbca95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
f3a9f19045c911f128eb6d3ef28afe62468c47c4f0d784dc7ad3f41e1f5a53fb