ads.mtgroup.kr Open in urlscan Pro
183.111.27.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/mt_pc/news@x04
Submission: On September 01 via manual (September 1st 2021, 10:05:15 pm UTC) from US

Summary HTTP 87 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 17 domains to perform 87 HTTP transactions. The main IP is 183.111.27.168, located in Korea, Republic Of and belongs to KIXS-AS-KR Korea Telecom, KR. The main domain is ads.mtgroup.kr.
TLS certificate: Issued by GoGetSSL RSA DV CA on June 24th 2021. Valid for: a year.

This is the only time ads.mtgroup.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	183.111.27.168 183.111.27.168	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
4	221.165.139.2 221.165.139.2	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
6	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	175.126.57.170 175.126.57.170	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
4	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	121.254.154.40 121.254.154.40	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
2	121.254.154.6 121.254.154.6	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
2	14.0.113.205 14.0.113.205	38107 (CDNETWORK...) (CDNETWORKS-AS-KR CDNetworks)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	121.254.154.32 121.254.154.32	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
1	52.78.71.79 52.78.71.79	16509 (AMAZON-02) (AMAZON-02)
2 2	1.234.81.14 1.234.81.14	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
19	52.78.184.209 52.78.184.209	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:303... 2606:4700:3030::6815:e69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.75.88.17 104.75.88.17	16625 (AKAMAI-AS) (AKAMAI-AS)
87	25

1 183.111.27.168 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

ads.mtgroup.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 221.165.139.2 (Gyeonggi-do, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

media.adpnut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.126.57.170 (Seongnam-si, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

js.ad4989.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.254.154.40 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

tm.interworksmedia.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.254.154.6 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

ds.interworksmedia.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.0.113.205 (Korea, Republic Of)

ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR)

cdn.interworksmedia.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.254.154.32 (Korea, Republic Of) 1 redirects

ASN3786 (LGDACOM LG DACOM Corporation, KR)

interface.interworksmedia.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.78.71.79 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-71-79.ap-northeast-2.compute.amazonaws.com

apis.piclick.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 1.234.81.14 (Ansan-si, Korea, Republic Of) 2 redirects

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

idm.skplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.78.184.209 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com

imp.piclick.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.piclick.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:e69 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.piclick.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.17 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-17.deploy.static.akamaitechnologies.com

static.coupangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com 1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	358 KB
19	piclick.kr imp.piclick.kr log.piclick.kr	177 KB
10	criteo.com 2 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	13 KB
7	interworksmedia.co.kr 1 redirects tm.interworksmedia.co.kr ds.interworksmedia.co.kr cdn.interworksmedia.co.kr interface.interworksmedia.co.kr	7 KB
6	google.com adservice.google.com www.google.com	3 KB
6	criteo.net static.criteo.net	79 KB
5	coupangcdn.com static.coupangcdn.com	576 KB
5	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	143 KB
4	adpnut.com media.adpnut.com	6 KB
2	skplanet.com 2 redirects idm.skplanet.com	724 B
2	piclick.me apis.piclick.me cdn.piclick.me	10 KB
2	googletagservices.com www.googletagservices.com	54 KB
2	google.de adservice.google.de	1018 B
1	jquery.com code.jquery.com	30 KB
1	google.fr adservice.google.fr	853 B
1	ad4989.co.kr js.ad4989.co.kr	7 KB
1	mtgroup.kr ads.mtgroup.kr	877 B
87	17

	Domain	Requested by
13	log.piclick.kr	imp.piclick.kr code.jquery.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ads.mtgroup.kr ds.interworksmedia.co.kr pagead2.googlesyndication.com imp.piclick.kr
6	imp.piclick.kr	apis.piclick.me imp.piclick.kr pagead2.googlesyndication.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	static.criteo.net	media.adpnut.com imp.piclick.kr ds.interworksmedia.co.kr
5	static.coupangcdn.com	imp.piclick.kr
4	gum.criteo.com	2 redirects static.criteo.net
4	bidder.criteo.com	static.criteo.net
4	media.adpnut.com	ads.mtgroup.kr media.adpnut.com ds.interworksmedia.co.kr
3	www.google.com	tpc.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	media.adpnut.com securepubads.g.doubleclick.net
2	idm.skplanet.com	2 redirects
2	interface.interworksmedia.co.kr	1 redirects cdn.interworksmedia.co.kr
2	www.googletagservices.com	pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	2 redirects
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.interworksmedia.co.kr	ds.interworksmedia.co.kr interface.interworksmedia.co.kr
2	ds.interworksmedia.co.kr	tm.interworksmedia.co.kr pagead2.googlesyndication.com
2	mug.criteo.com	ds.interworksmedia.co.kr
1	cdn.piclick.me	imp.piclick.kr
1	code.jquery.com	imp.piclick.kr
1	apis.piclick.me	media.adpnut.com
1	tm.interworksmedia.co.kr	media.adpnut.com
1	1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	js.ad4989.co.kr	media.adpnut.com
1	ads.mtgroup.kr
87	28

This site contains no links.

Subject Issuer	Validity	Valid
yellow.contentsfeed.com GoGetSSL RSA DV CA	`2021-06-24` - `2022-07-24`	a year	crt.sh
ad.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2021-07-07` - `2022-06-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2019-11-11` - `2022-01-29`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.interworksmedia.co.kr Sectigo RSA Domain Validation Secure Server CA	`2021-01-25` - `2022-01-25`	a year	crt.sh
support11b.cdnetworks.net DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-07-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
piclick.me Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.piclick.kr Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.coupangcdn.com Sectigo RSA Organization Validation Secure Server CA	`2020-03-25` - `2022-04-12`	2 years	crt.sh

This page contains 18 frames:

Primary Page: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/mt_pc/news@x04
Frame ID: 569AAE2E6959D43C2C3C5502C19310C8
Requests: 1 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Frame ID: 40247CC5C20592632FAFE0850C8501B9
Requests: 7 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&lang=utf-8&grade=2&out=script
Frame ID: F80177DFED2080C20B86415BAB0CF45F
Requests: 9 HTTP requests in this frame

Frame: https://1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 63BEAB43BE0C459F6698173E833E45D5
Requests: 1 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&campaignid=03E6&gothrough=nextgrade&out=script
Frame ID: 54457CF3990069BA7D28BB0E4D8469AE
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1DBFCD8D8AEA5C316276D78940903D5D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F32D3E035E16DAB2070A6B5A4C99976
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr
Frame ID: 6CF00C6BE4C75C8F8069CCF39265C810
Requests: 2 HTTP requests in this frame

Frame: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google
Frame ID: A938EB1E40C61AB2780E9FFFA9647549
Requests: 3 HTTP requests in this frame

Frame: https://interface.interworksmedia.co.kr/audience/interworks?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency;x04;&w=1600&h=1200&cd=24&his=2&tz=120&cs=utf-8&java=0&lang=en-US&cookie=1&plug=0&mime=0&frm=2&url=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&ref=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe
Frame ID: E041CF59EDD6AD7FB423C36FEC02686E
Requests: 2 HTTP requests in this frame

Frame: https://imp.piclick.kr/?v=3&size=300x250&s=1216&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle
Frame ID: 5E1C4E66C8E5BF5FCBCC2905A2EF4007
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr
Frame ID: 228BCEE3A1B1859404F202D6CF2685DE
Requests: 2 HTTP requests in this frame

Frame: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo
Frame ID: 3CDC199BF0DE5FCF9846A4FDC70BE2CB
Requests: 9 HTTP requests in this frame

Frame: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Frame ID: 1215705670A4B9DDE54061E499063DE5
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9A3E49D3207492EC7C90D12323CA8CB6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BFF5773DE3B96B2E1FAEE6DD9478D18B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 03A007E2B245CA297D8E0C89C8D13665
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 592E01136AC9EC30A914390F0B17177F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

87
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

28
Subdomains

25
IPs

5
Countries

1463 kB
Transfer

2640 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://gum.criteo.com/sid/json?origin=publishertag&domain=media.adpnut.com&sn=ChromeSyncframe&so=0&topUrl=ads.mtgroup.kr HTTP 302
https://mug.criteo.com/sid?cpp=jII71Hx2YTVmQ01TcjNSNHE4Mzg4dHFhU3FTYkhKYnl6b3l3SUYveVZNVC9pN3dxUHpvbGt3TUViOFRJancwbGhIN2ZDRzhGVkY5MmVwOEZLN01PaU9zWWdzcW5ITlEvRDhPZk9WbkxqS2g5U1RWSmpFVXY2b3Nhdy9LRW1QVWVwN3JRQzZ0bGg2YWw2SVJyN1dyc3oxYmwyb1VjUi9ubU4yVWFvYWJnd0Y3S3FhMzZpMG9UTWMyTDk4Q3MzY3cvRDR1YzZoeGhHSitHQU1kR1BLY3Z4c0greEFRPT18&cppv=2

Request Chain 30

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3533864070776314&output=html&h=250&slotname=moneytoday_inarticle_p_300_250&adk=3020253676&adf=3504428149&pi=t.ma~as.moneytoday_inarticl_&w=300&format=300x250&url=%2F%2Fwww.sportsseoul.com&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630533900282&bpp=56&bdt=3841&idt=124&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=5389466762188&frm=24&ife=1&pv=2&ga_vid=1596821912.1630533900&ga_sid=1630533900&ga_hid=1744157118&ga_fc=0&nhd=3&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2198060315&scr_x=-12245933&scr_y=-12245933&eid=31062314%2C31062297&oid=3&pvsid=1974792710466316&loc=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&top=https%3A%2F%2Fads.mtgroup.kr%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e4cp2c4co3fg&fsb=1&dtd=157 HTTP 302
https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google

Request Chain 32

https://interface.interworksmedia.co.kr/audience/interworks/?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency;x04;&w=1600&h=1200&cd=24&his=2&tz=120&cs=utf-8&java=0&lang=en-US&cookie=1&plug=0&mime=0&frm=2&url=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&ref=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe HTTP 301
https://interface.interworksmedia.co.kr/audience/interworks?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency;x04;&w=1600&h=1200&cd=24&his=2&tz=120&cs=utf-8&java=0&lang=en-US&cookie=1&plug=0&mime=0&frm=2&url=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&ref=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe

Request Chain 35

https://idm.skplanet.com/pixel?nid=17&uid=a865560f0b7011eca596001e0bc01be2&url=%2F%2Fcdn.interworksmedia.co.kr%2Fempty.html&channel=web&debug=n HTTP 302
https://idm.skplanet.com/pixelb?new_dmp_uid=Y&nid=17&uid=a865560f0b7011eca596001e0bc01be2&url=%2F%2Fcdn.interworksmedia.co.kr%2Fempty.html&channel=web&debug=n HTTP 302
https://cdn.interworksmedia.co.kr/empty.html

Request Chain 44

https://gum.criteo.com/sid/json?origin=publishertag&domain=imp.piclick.kr&sn=ChromeSyncframe&so=0&topUrl=ads.mtgroup.kr HTTP 302
https://mug.criteo.com/sid?cpp=CNJgW3xJbXZaYVBadERLS3FsYnFjckUxU0xZSWdvZHl5UnNtMERndGdkNlRXbEVIT1d3NTRrWkJNWkx2MVNwV2x1eW9XTndVeFVtSjg0bGlFSlFJd3U4RUhISjdWWEVlalY2SW14WTd2TEMxdkRocGtCOU5wRHpBTnVkbEJwMU43QmtXN3B2cEhxMnBRbnkrUmlWWmEwNHdSSnd6aFdoOGNsTmtsczVhZjJ0ZVRyNlNPTGsxc2pYWjBuRWdiNndZalpnSkF3dklsQ2d4UzJUMU1IYWJidVpJMGJnPT18&cppv=2

Request Chain 49

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3533864070776314&output=html&h=250&slotname=mt_inarticle01_v_300_250&adk=1385484075&adf=3019934144&pi=t.ma~as.mt_inarticle01_v_30_&w=300&format=300x250&url=mt.co.kr&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Fimp.piclick.kr%2F%3Fs%3D1216%26tp%3Dtie2%26size%3D300x250%26vp%3Dmside%26sicon%3D0%26pbu%3D%25252f%25252fmedia.adpnut.com%25252fcgi-bin%25252fPelicanC.dll%25253fadservicename%25253dIMPR%252526pageid%25253d0430%252526campaignid%25253d03QJ%252526gothrough%25253dnextgrade%252526out%25253diframe%26loc%3Dhttps%253A%252F%252Fds.interworksmedia.co.kr%252FRealMedia%252Fads%252Fadstream_sx.ads%252Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%252Fagency%2540x04%253FRM_Exclude%253Dgoogle%26dsp%3D%7Ccriteo%7Cdion&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630533904768&bpp=10&bdt=67&idt=75&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=7270940724032&frm=8&ife=1&pv=2&ga_vid=1318783800.1630533905&ga_sid=1630533905&ga_hid=120290027&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1084911691&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C44747621%2C31062314%2C21065724%2C31062297&oid=3&pvsid=752364258673481&loc=https%3A%2F%2Fimp.piclick.kr%2F%3Fv%3D3%26size%3D300x250%26s%3D1216%26pbu%3D%25252f%25252fmedia.adpnut.com%25252fcgi-bin%25252fPelicanC.dll%25253fadservicename%25253dIMPR%252526pageid%25253d0430%252526campaignid%25253d03QJ%252526gothrough%25253dnextgrade%252526out%25253diframe%26loc%3Dhttps%253A%252F%252Fds.interworksmedia.co.kr%252FRealMedia%252Fads%252Fadstream_sx.ads%252Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%252Fagency%2540x04%253FRM_Exclude%253Dgoogle&top=https%3A%2F%2Fads.mtgroup.kr&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9cqsiqn9fiz1&fsb=1&dtd=102 HTTP 302
https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set news@x04 Show response
ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/mt_pc/ 407 B
877 B 2157ms
270ms Document
text/html 183.111.27.168
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/mt_pc/news@x04
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.111.27.168 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Apache /
Resource Hash: d60ef0ac2ab2d645f1eda0484c737dec31b75fc09c7c73ba2cd6e89bbe6e1a57

Request headers

Host: ads.mtgroup.kr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:04:53 GMT
Server: Apache
Set-Cookie: OAX=UmYScmEv+QUABmw3; path=/; expires=Fri, 01-Sep-23 22:04:53 GMT; domain=.mtgroup.kr
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin: *
HN: DE3
Pragma: no-cache
Expires: Fri, 30 Oct 1998 14:19:41 GMT
Cache-Control: no-cache,no-store,private
Content-Length: 407
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set PelicanC.dll Show response
media.adpnut.com/cgi-bin/ Frame 4024 3 KB
3 KB 1071ms
262ms Document
text/html 221.165.139.2
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Requested by: Host: ads.mtgroup.kr
URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/mt_pc/news@x04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 221.165.139.2 Gyeonggi-do, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 07c8974463804c39ff9872c39613532a50ba620b798ae2a81a6e600845166358

Request headers

Host: media.adpnut.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.mtgroup.kr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.mtgroup.kr/

Response headers

Server: Microsoft-IIS/10.0
Date: Wed, 01 Sep 2021 22:04:54 GMT
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html
Set-Cookie: FOIN_REF1=https://ads.mtgroup.kr/; expires=Thu, 16-Sep-2021 07:04:54 GMT; path=/; SameSite=None; Secure; HEAD=021050Shne3Km; expires=Tue, 02-Sep-2031 00:00:00 GMT; path=/; SameSite=None; Secure;

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 4024 118 KB
39 KB 96ms
45ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:54 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:58:03 GMT
server: nginx
etag: W/"6115450b-1d808"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Sep 2021 22:04:54 GMT

GET
H/1.1 200
OK tend.js Show response
js.ad4989.co.kr/common/js/ Frame 4024 35 KB
7 KB 1956ms
287ms Script
application/javascript 175.126.57.170
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad4989.co.kr/common/js/tend.js
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 175.126.57.170 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: bb541f6dd30f673916486eae29c696d88aafdf160d9c0fb443eba01f09957ca6

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:04:56 GMT
Via: STON Edge Server/2.7.9
Last-Modified: Mon, 26 Apr 2021 09:08:56 GMT
Server: Microsoft-IIS/8.5
ETag: "60868328:1adf"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 6879

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4024 0
189 B 74ms
24ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=89902233316
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://media.adpnut.com
date: Wed, 01 Sep 2021 22:04:54 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK PelicanC.dll Show response
media.adpnut.com/cgi-bin/ Frame F801 2 KB
2 KB 791ms
264ms Script
text/html 221.165.139.2
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&lang=utf-8&grade=2&out=script
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 221.165.139.2 Gyeonggi-do, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 869e4b56bba3e7c450c012cb799b46a227a7118fbccfc3fee7389aa1c84edf46

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:04:55 GMT
Cache-Control: no-cache
Server: Microsoft-IIS/10.0
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-type: text/html

POST
H2 204 events
bidder.criteo.com/csm/ Frame 4024 0
189 B 25ms
24ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://media.adpnut.com
date: Wed, 01 Sep 2021 22:04:54 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 4024 43 B
337 B 23ms
23ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 27 Aug 2022 22:04:54 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 4024 43 B
337 B 24ms
23ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 27 Aug 2022 22:04:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F801 72 KB
25 KB 119ms
48ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&lang=utf-8&grade=2&out=script

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

71968d037d32f95cd435709e702d0d49037101161727604162c1bf23e80d4311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "975 / 7 of 1000 / last-modified: 1630518285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25622
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:04:55 GMT

GET
H3-29 200 pubads_impl_2021082701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F801 333 KB
117 KB 52ms
48ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:07:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119397
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:04:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ Frame F801 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=media.adpnut.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F801 107 B
570 B 35ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=media.adpnut.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F801 372 B
194 B 282ms
281ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3217441162382213&correlator=3720565115701542&output=ldjh&impl=fif&eid=21068030%2C22316438%2C44749369%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=21682743634%3A21021542%2CS017%2Cnews.mt%2Cga02%2Cpc%2Cpost_mid_btf_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&eri=4&cdm=media.adpnut.com&bc=31&abxe=1&dt=1630533896150&dlt=1630533894957&idt=1091&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=3&adxs=0&adys=0&adks=4078018529&ucis=85r1ingg9ciy&ifi=1&ifk=2198060315&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=2&url=%2F%2Fmt.co.kr&loc=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&top=ads.mtgroup.kr&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=830872719.1630533896&ga_sid=1630533896&ga_hid=1126976693&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4e74c3143822f07f28663942b2b8ebe8422fe5de8e890e9165c3d8a16cd29482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://media.adpnut.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63BE 6 KB
3 KB 138ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 22:04:56 GMT
expires: Thu, 01 Sep 2022 22:04:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK PelicanC.dll Show response
media.adpnut.com/cgi-bin/ Frame 5445 181 B
424 B 787ms
263ms Script
text/html 221.165.139.2
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&campaignid=03E6&gothrough=nextgrade&out=script
Requested by: Host: ads.mtgroup.kr
URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/mt_pc/news@x04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 221.165.139.2 Gyeonggi-do, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2cc8f06b2867d647eb447110575839ac4917584682d0f436336f034e8dc1739b

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:04:57 GMT
Cache-Control: no-cache
Server: Microsoft-IIS/10.0
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F801 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f45351dcdf496908676261f59b22547e6536f7102db43ad48ccd1112dc260dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8468
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F801 17 KB
7 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:04:56 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1DBF 12 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 19:32:06 GMT
expires: Thu, 01 Sep 2022 19:32:06 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F32 783 B
943 B 17ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f407292a9624df7ec08869fb2cbd11c76e28aad51e67d4d1114aeb0a77ec6428

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wKtSRJlzTs7ODJCoyDSTIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 01 Sep 2021 22:04:56 GMT
date: Wed, 01 Sep 2021 22:04:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-wKtSRJlzTs7ODJCoyDSTIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DBF 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:30:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 17:30:38 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6CF0 11 KB
5 KB 77ms
27ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=ads.mtgroup.kr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2048
set-cookie: uid=929316d2-c314-4068-b7d9-f3c75bc56422; expires=Mon, 26 Sep 2022 22:04:56 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Wed, 01 Sep 2021 22:04:55 GMT
content-length: 4666

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F801 0
0 56ms
56ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=3217441162382213&bg=!BAelB0PNAAZOkH6FTpA7ACkAdvg8WoKeAUj_vzmxMvfZARtn5d_qNIGaYrhgpEpw__klnQShHoPq0wIAAABNUgAAAA9oAQcKAIYGMFieGIRKFmVyafIDDefloH9X_gJd5Nc8F9-N7y8_LjbETBgpDvvr7alRwT0qdxmjElt-Wotsmo2fo1Mvw570ciJRkoZMJ3_a4WzLzG26x7AK4egswTAWTuAnr6JwLGwnZnbGyozvpGjipcE0RtPioWIwrASB7iOr4d0fJun0xR_wd9fyG5kCowjZLsenEcdm3fXF7b_-70poB169XRCOerwPkWIpk133QcTXfsFFRRW3g9keaA0PTYLUvwIvqUrj7-TxTRqzUlSAsRe5QXJG1-MJVS518vVNQbezeJN5_hsFsRPRBQVH_BTVLhV-sSGG9fVZfZWGH1MeEUgiGDuoRsvTdrQbH2HSpKULVrgx_DPtG3wscF0YhCzTQ_Rc63ODDcjBmy9wn-RIg0Q0yHCy8FjrSoq4GPrPG4jvsOKFe4_8FWEjvrjCGM-P0UUqInAtA1KAi27Z142zXuVJMaFzzYUyeC2nXznwznX6EIv8AzNi7-7IqtEWJDoTePQXYJSVRmume6WgxcNZu_xCoBpsjVexwlh1YWTBvXO0i4tMhijX7FMq8-k4iBwVpLVMcX0erKwHTG4MFJPCsk6I6meWFGH-PIrWC5DNTb5AcsD5UqhS_eAlfXdnXvMAek6mocksSykFLqQchXtaKJuov5QpHKb9qD4TQy9pePy5vI1ciLitK_GMRcOPFRHehHg0QCsQIjR5XX4uMydBu8Wcsw2qjsZTmNg9Px5LflRI3vWTnY8Rrz8PcdzpJ35LOhd_aO0IMYQg8W5kvhl0LV9Z0IwN6p8wttvYQUwKPasjtZqfdFzOtAn44vYNJVvjY_f5qP2A69iIS5AUDnmhBABA2zE4b3t5OnjPSM7omY1bxAFn4ma-8VkD7e4Y4AQpjCa0_ObGA2vvdUiWyCRkRw531hU8sSin2X8kDPethdF2Q9cl7lmmR656jJTqVMs-lN0aCJsvRnoXbAiFujwhzshpuIAq_IjQ5hB7IcLTJlLicY8plWB1_Su79J4snH75vdywontrZ5VYat0pLAb-mC5mOuzlD0QOPPuLuobc7OlUKJjiTP6s4nrDm8yolZGqHg
Requested by: Host: ads.mtgroup.kr
URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/mt_pc/news@x04
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6CF0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=media.adpnut.com&sn=ChromeSyncframe&so=0&topUrl=ads.mtgroup.kr
https://mug.criteo.com/sid?cpp=jII71Hx2YTVmQ01TcjNSNHE4Mzg4dHFhU3FTYkhKYnl6b3l3SUYveVZNVC9pN3dxUHpvbGt3TUViOFRJancwbGhIN2ZDRzhGVkY5MmVwOEZLN01PaU9zWWdzcW5ITlEvRDhPZk9WbkxqS2g5U1RWSmpFVXY2b3Nhdy9LRW...

340 B
555 B

89ms
25ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jII71Hx2YTVmQ01TcjNSNHE4Mzg4dHFhU3FTYkhKYnl6b3l3SUYveVZNVC9pN3dxUHpvbGt3TUViOFRJancwbGhIN2ZDRzhGVkY5MmVwOEZLN01PaU9zWWdzcW5ITlEvRDhPZk9WbkxqS2g5U1RWSmpFVXY2b3Nhdy9LRW1QVWVwN3JRQzZ0bGg2YWw2SVJyN1dyc3oxYmwyb1VjUi9ubU4yVWFvYWJnd0Y3S3FhMzZpMG9UTWMyTDk4Q3MzY3cvRDR1YzZoeGhHSitHQU1kR1BLY3Z4c0greEFRPT18&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

778d163e1374a2411cc2a62977866b782a825622b6721cdae711cabca69e8523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 01 Sep 2021 22:04:56 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2450
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 01 Sep 2021 22:04:56 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=jII71Hx2YTVmQ01TcjNSNHE4Mzg4dHFhU3FTYkhKYnl6b3l3SUYveVZNVC9pN3dxUHpvbGt3TUViOFRJancwbGhIN2ZDRzhGVkY5MmVwOEZLN01PaU9zWWdzcW5ITlEvRDhPZk9WbkxqS2g5U1RWSmpFVXY2b3Nhdy9LRW1QVWVwN3JRQzZ0bGg2YWw2SVJyN1dyc3oxYmwyb1VjUi9ubU4yVWFvYWJnd0Y3S3FhMzZpMG9UTWMyTDk4Q3MzY3cvRDR1YzZoeGhHSitHQU1kR1BLY3Z4c0greEFRPT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1683
content-length: 455
expires: 0

GET
H2 200 33CB7515 Show response
tm.interworksmedia.co.kr/ads.js/ Frame 5445 158 B
548 B 1460ms
288ms Script
text/javascript 121.254.154.40
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tm.interworksmedia.co.kr/ads.js/33CB7515

Requested by

Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&campaignid=03E6&gothrough=nextgrade&out=script

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

121.254.154.40 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

f6ecc8c074f12065099da1da7e1056078b650be7e4a4ee00bad6846971e7c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:58 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
p3p: CP='CUR ADM OUR NOR STA NID'
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
x-request-id: 91927d593a5d86b37ba1d4b6ff45f31a

GET
H/1.1 200
OK agency@x04 Show response
ds.interworksmedia.co.kr/RealMedia/ads/adstream_jx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/ Frame 5445 1 KB
2 KB 1497ms
300ms Script
application/x-javascript 121.254.154.6
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_jx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04
Requested by: Host: tm.interworksmedia.co.kr
URL: https://tm.interworksmedia.co.kr/ads.js/33CB7515
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.154.6 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache/2.2.34 (Unix) /
Resource Hash: b76ed69ce914a91c0e4c0c71da06c0ebfe86d72c43eac0a726fa26d8ef0e9698

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:05:00 GMT
Server: Apache/2.2.34 (Unix)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Cache-Control: no-cache,no-store,private
Connection: close
Content-Type: application/x-javascript
Content-Length: 1460
Expires: Fri, 30 Oct 1998 14:19:41 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5445 98 KB
35 KB 60ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ds.interworksmedia.co.kr
URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_jx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b27850e9bf45770196e2d2648f2781021792cdea5d05407566abb222972da5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35443
x-xss-protection: 0
server: cafe
etag: 1484597464187390499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 22:05:00 GMT

GET
H/1.1 200
OK audience.min.js Show response
cdn.interworksmedia.co.kr/js/ Frame 5445 6 KB
3 KB 1230ms
286ms Script
application/javascript 14.0.113.205
CDNETWORKS-AS-KR ...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.interworksmedia.co.kr/js/audience.min.js
Requested by: Host: ds.interworksmedia.co.kr
URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_jx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.113.205 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: d6de8dc35a831fe460a477b6a6c6fa99dd132a6bb3ff645d52452cc186a4f47b

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:05:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Nov 2020 04:52:46 GMT
Server: PWS/8.3.1.0.8
X-Ws-Request-Id: 612ff90d_PShgseSEL4ka136_39146-27597
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Transfer-Encoding: chunked
X-Px: ht PShgseSEL4uz147GMP
Connection: keep-alive
Accept-Ranges: bytes
Via: 1.1 PShgseSEL3ug101:9 (W), 1.1 PShgseSEL4uz147:13 (W)

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ Frame 5445 250 KB
93 KB 41ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3533864070776314&plah=media.adpnut.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95226
x-xss-protection: 0
server: cafe
etag: 17201458395757084847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 22:05:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5445 107 B
853 B 40ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=media.adpnut.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3533864070776314&plah=media.adpnut.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5445 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=media.adpnut.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

Cookie set agency@x04 Show response
ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/ Frame A938
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3533864070776314&output=html&h=250&slotname=moneytoday_inarticle_p_300_250&adk=3020253676&adf=3504428149&pi=t.ma~as.moneytoday_inarticl_...
https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google

156 B
610 B

832ms
278ms

Document
text/html

121.254.154.6
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3533864070776314&plah=media.adpnut.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.154.6 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache/2.2.34 (Unix) /
Resource Hash: 0cb5e6b6a4862270a2b289697acaf756138162b39dcfa62663aaea8b0d56118f

Request headers

Host: ds.interworksmedia.co.kr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

Date: Wed, 01 Sep 2021 22:05:01 GMT
Server: Apache/2.2.34 (Unix)
Set-Cookie: OAX=UmYScmEv+Q0ABWnR; path=/; expires=Fri, 01-Sep-23 22:05:01 GMT; domain=.interworksmedia.co.kr
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Pragma: no-cache
Expires: Fri, 30 Oct 1998 14:19:41 GMT
Cache-Control: no-cache,no-store,private
Content-Length: 156
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 22:05:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 22:20:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5445 72 KB
27 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:05:00 GMT

GET
H/1.1

200
OK

Cookie set interworks Show response
interface.interworksmedia.co.kr/audience/ Frame E041
Redirect Chain

https://interface.interworksmedia.co.kr/audience/interworks/?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF...
https://interface.interworksmedia.co.kr/audience/interworks?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%...

296 B
812 B

306ms
306ms

Document
text/html

121.254.154.32
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://interface.interworksmedia.co.kr/audience/interworks?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency;x04;&w=1600&h=1200&cd=24&his=2&tz=120&cs=utf-8&java=0&lang=en-US&cookie=1&plug=0&mime=0&frm=2&url=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&ref=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe

Requested by

Host: cdn.interworksmedia.co.kr
URL: https://cdn.interworksmedia.co.kr/js/audience.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

121.254.154.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),

Reverse DNS

Software

nginx /

Resource Hash

cc6c3c9d6854038279cd945893e8541b4fb465a4cb149763bf97aa30e5bc96b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: interface.interworksmedia.co.kr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

Server: nginx
Date: Wed, 01 Sep 2021 22:05:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: __uid=a865560f0b7011eca596001e0bc01be2; Path=/; Domain=interworksmedia.co.kr; Expires=Fri, 01 Sep 2023 22:05:03 GMT; Max-Age=63072000
X-Request-ID: 3bf9e771ae11c9f8d2c5e805a0386d64
P3P: CP='CUR ADM OUR NOR STA NID'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 01 Sep 2021 22:05:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 567
Connection: keep-alive
Location: /audience/interworks?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency;x04;&w=1600&h=1200&cd=24&his=2&tz=120&cs=utf-8&java=0&lang=en-US&cookie=1&plug=0&mime=0&frm=2&url=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&ref=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe
X-Request-ID: f0b0bb09b8091c711be01633da2c80b8
P3P: CP='CUR ADM OUR NOR STA NID'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade

GET
H/1.1 200
OK PelicanC.dll Show response
media.adpnut.com/cgi-bin/ Frame A938 352 B
700 B 796ms
263ms Script
text/html 221.165.139.2
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&campaignid=02kZ&gothrough=nextgrade&out=script
Requested by: Host: ds.interworksmedia.co.kr
URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 221.165.139.2 Gyeonggi-do, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9eb7ed74ce1c96d706924d15d093bf9837f55b7ec51cca6d2069206ca72f97b3

Request headers

Referer: https://ds.interworksmedia.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:05:02 GMT
Cache-Control: no-cache
Server: Microsoft-IIS/10.0
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-type: text/html

GET
H2 200 iframe.min.js Show response
apis.piclick.me/v3/publish/banner/ Frame A938 5 KB
2 KB 1117ms
288ms Script
application/javascript 52.78.71.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.piclick.me/v3/publish/banner/iframe.min.js
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&campaignid=02kZ&gothrough=nextgrade&out=script
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.71.79 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-71-79.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ac3156290c1ccb0541ebfd561bd860538974ada145ddecd88c0c402f1579b152

Request headers

Referer: https://ds.interworksmedia.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:03 GMT
content-encoding: gzip
last-modified: Wednesday, 01-Sep-2021 22:06:07 GMT
server: nginx
etag: W/"5fa3a124-12c3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H/1.1

200
OK

empty.html
cdn.interworksmedia.co.kr/ Frame E041
Redirect Chain

https://idm.skplanet.com/pixel?nid=17&uid=a865560f0b7011eca596001e0bc01be2&url=%2F%2Fcdn.interworksmedia.co.kr%2Fempty.html&channel=web&debug=n
https://idm.skplanet.com/pixelb?new_dmp_uid=Y&nid=17&uid=a865560f0b7011eca596001e0bc01be2&url=%2F%2Fcdn.interworksmedia.co.kr%2Fempty.html&channel=web&debug=n
https://cdn.interworksmedia.co.kr/empty.html

0
0

283ms
283ms

Image
text/html

14.0.113.205
CDNETWORKS-AS-KR ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.interworksmedia.co.kr/empty.html
Requested by: Host: interface.interworksmedia.co.kr
URL: https://interface.interworksmedia.co.kr/audience/interworks?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency;x04;&w=1600&h=1200&cd=24&his=2&tz=120&cs=utf-8&java=0&lang=en-US&cookie=1&plug=0&mime=0&frm=2&url=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&ref=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.113.205 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://interface.interworksmedia.co.kr/audience/interworks?random=1630533901433&v=1&fv=0&fmt=1&label=AGC2011A_PEANUT.MT.NEWS_BA_300X250_CMTF_3&item=agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency;x04;&w=1600&h=1200&cd=24&his=2&tz=120&cs=utf-8&java=0&lang=en-US&cookie=1&plug=0&mime=0&frm=2&url=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe&ref=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D0430%26out%3Diframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

Redirect headers

Location: //cdn.interworksmedia.co.kr/empty.html
Date: Wed, 01 Sep 2021 22:05:05 GMT
Server: nginx
Connection: close
Content-Length: 138
Content-Type: text/html

GET
H2 200 / Show response
imp.piclick.kr/ Frame 5E1C 2 KB
2 KB 821ms
267ms Document
text/html 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.piclick.kr/?v=3&size=300x250&s=1216&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle
Requested by: Host: apis.piclick.me
URL: https://apis.piclick.me/v3/publish/banner/iframe.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 76eda827f5a18594f91004a34bcfb181461f8c47436bfc79df7d015650d67590

Request headers

:method: GET
:authority: imp.piclick.kr
:scheme: https
:path: /?v=3&size=300x250&s=1216&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ds.interworksmedia.co.kr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ds.interworksmedia.co.kr/

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 01 Sep 2021 22:05:03 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=1545623184.1630533903; expires=Sat, 30-Aug-2031 22:05:03 GMT; Max-Age=315360000; path=/; SameSite=None; Secure; domain=piclick.kr
content-encoding: gzip

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 5E1C 118 KB
39 KB 27ms
26ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?v=3&size=300x250&s=1216&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:58:03 GMT
server: nginx
etag: W/"6115450b-1d808"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Sep 2021 22:05:04 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5E1C 0
187 B 30ms
29ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=90261008267
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://imp.piclick.kr
date: Wed, 01 Sep 2021 22:05:04 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 228B 11 KB
5 KB 25ms
25ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=ads.mtgroup.kr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imp.piclick.kr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://imp.piclick.kr/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1999
set-cookie: uid=cd86915d-3d52-401d-85db-13b9014d284a; expires=Mon, 26 Sep 2022 22:05:04 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Wed, 01 Sep 2021 22:05:04 GMT
content-length: 4666

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5E1C 0
187 B 25ms
23ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://imp.piclick.kr
date: Wed, 01 Sep 2021 22:05:04 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5E1C 43 B
337 B 25ms
24ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: ds.interworksmedia.co.kr
URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 27 Aug 2022 22:05:04 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5E1C 43 B
337 B 26ms
25ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: ds.interworksmedia.co.kr
URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 27 Aug 2022 22:05:04 GMT

GET
H2 200 / Show response
imp.piclick.kr/ Frame 3CDC 822 B
1011 B 266ms
266ms Document
text/html 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?v=3&size=300x250&s=1216&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6c02ba7e0b0c40372ae2ab7b8531223ce221974094f027e84515adc786837a79

Request headers

:method: GET
:authority: imp.piclick.kr
:scheme: https
:path: /?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imp.piclick.kr/?v=3&size=300x250&s=1216&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=1545623184.1630533903
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://imp.piclick.kr/?v=3&size=300x250&s=1216&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 01 Sep 2021 22:05:04 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=1545623184.1630533903; expires=Sat, 30-Aug-2031 22:05:04 GMT; Max-Age=315360000; path=/; SameSite=None; Secure; domain=piclick.kr
content-encoding: gzip

GET
H2

200

sid Show response
mug.criteo.com/ Frame 228B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=imp.piclick.kr&sn=ChromeSyncframe&so=0&topUrl=ads.mtgroup.kr
https://mug.criteo.com/sid?cpp=CNJgW3xJbXZaYVBadERLS3FsYnFjckUxU0xZSWdvZHl5UnNtMERndGdkNlRXbEVIT1d3NTRrWkJNWkx2MVNwV2x1eW9XTndVeFVtSjg0bGlFSlFJd3U4RUhISjdWWEVlalY2SW14WTd2TEMxdkRocGtCOU5wRHpBTnVkbE...

345 B
559 B

26ms
25ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CNJgW3xJbXZaYVBadERLS3FsYnFjckUxU0xZSWdvZHl5UnNtMERndGdkNlRXbEVIT1d3NTRrWkJNWkx2MVNwV2x1eW9XTndVeFVtSjg0bGlFSlFJd3U4RUhISjdWWEVlalY2SW14WTd2TEMxdkRocGtCOU5wRHpBTnVkbEJwMU43QmtXN3B2cEhxMnBRbnkrUmlWWmEwNHdSSnd6aFdoOGNsTmtsczVhZjJ0ZVRyNlNPTGsxc2pYWjBuRWdiNndZalpnSkF3dklsQ2d4UzJUMU1IYWJidVpJMGJnPT18&cppv=2

Requested by

Host: ds.interworksmedia.co.kr
URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_sx.ads/agency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF/agency@x04?RM_Exclude=google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b2f8b65d257e5445f30b4df7e639e711670579a709f1d309df564f4ca564cf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 01 Sep 2021 22:05:03 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2474
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 01 Sep 2021 22:05:03 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=CNJgW3xJbXZaYVBadERLS3FsYnFjckUxU0xZSWdvZHl5UnNtMERndGdkNlRXbEVIT1d3NTRrWkJNWkx2MVNwV2x1eW9XTndVeFVtSjg0bGlFSlFJd3U4RUhISjdWWEVlalY2SW14WTd2TEMxdkRocGtCOU5wRHpBTnVkbEJwMU43QmtXN3B2cEhxMnBRbnkrUmlWWmEwNHdSSnd6aFdoOGNsTmtsczVhZjJ0ZVRyNlNPTGsxc2pYWjBuRWdiNndZalpnSkF3dklsQ2d4UzJUMU1IYWJidVpJMGJnPT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1935
content-length: 455
expires: 0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3CDC 98 KB
35 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b27850e9bf45770196e2d2648f2781021792cdea5d05407566abb222972da5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35443
x-xss-protection: 0
server: cafe
etag: 1484597464187390499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 22:05:04 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ Frame 3CDC 250 KB
93 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3533864070776314&plah=imp.piclick.kr

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95226
x-xss-protection: 0
server: cafe
etag: 17201458395757084847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 22:05:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3CDC 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imp.piclick.kr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3CDC 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imp.piclick.kr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

/ Show response
imp.piclick.kr/ Frame 1215
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3533864070776314&output=html&h=250&slotname=mt_inarticle01_v_300_250&adk=1385484075&adf=3019934144&pi=t.ma~as.mt_inarticle01_v_30_&w=300...
https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03...

15 KB
4 KB

281ms
281ms

Document
text/html

52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3533864070776314&plah=imp.piclick.kr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2c3ff8b90d6bfc1bfd4c0a0328c9b8ea70dfcd5c9f365cee028fa8953ecbef68

Request headers

:method: GET
:authority: imp.piclick.kr
:scheme: https
:path: /?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imp.piclick.kr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=1545623184.1630533903
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://imp.piclick.kr/

Response headers

date: Wed, 01 Sep 2021 22:05:05 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 01 Sep 2021 22:05:05 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=1545623184.1630533903; expires=Sat, 30-Aug-2031 22:05:05 GMT; Max-Age=315360000; path=/; SameSite=None; Secure; domain=piclick.kr
content-encoding: gzip

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 22:05:05 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 22:20:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CDC 72 KB
27 KB 38ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:05:04 GMT

GET
H2 200 jquery-3.4.0.min.js Show response
code.jquery.com/ Frame 1215 86 KB
30 KB 28ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.min.js
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

Origin: https://imp.piclick.kr
Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:05 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 19:56:14 GMT
server: nginx
etag: W/"5cae4a5e-15857"
vary: Accept-Encoding
x-hw: 1630533905.dop219.fr8.t,1630533905.cds224.fr8.hc,1630533905.cds215.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30632

GET
H2 200 swipe.css
imp.piclick.kr/template/css/ Frame 1215 5 KB
5 KB 263ms
263ms Stylesheet
text/css 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.piclick.kr/template/css/swipe.css
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aaf08be6ae4ed211293a6d4280e2d052e1f332eb0066a0dc0192fd8a3a9f39d2

Request headers

Referer: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Wed, 24 Jun 2020 02:20:08 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ef2b858-1288"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4744
expires: Fri, 01 Oct 2021 22:05:05 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
575 B 937ms
927ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkO4EDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb&pv=1
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Wed, 01 Sep 2021 22:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 picban.png
cdn.piclick.me/dabang/images/ Frame 1215 7 KB
8 KB 51ms
20ms Image
image/png 2606:4700:3030::6815:e69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.piclick.me/dabang/images/picban.png
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a30a4112babab09be4d8ea2f7fcea0bbc71a51b438a5af54307e3acf7dc4a8cc

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55470
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7465
last-modified: Fri, 06 Jul 2018 09:01:24 GMT
server: cloudflare
etag: "5b3f2fe4-1d29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X93XDx9L80Q5003HCWGM42bX6TybnEZVFHy0MwzN%2FRZLlc0paeUpW%2FK8nnHtapH37h%2BoufL6Qf0auDnjQQJ%2BGyzXoskrvTNhubzSmzr6e%2B0L9ZQ%2Fgu60d3YemZqqBAhZYWvDhe7TwQumvPQnpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6881cc4cfe19bf00-FRA
expires: Thu, 02 Sep 2021 06:41:35 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 935ms
926ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkO4EDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Wed, 01 Sep 2021 22:05:04 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 934ms
926ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkO2EDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Wed, 01 Sep 2021 22:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 934ms
926ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkOwMDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Wed, 01 Sep 2021 22:05:04 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 933ms
927ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkOzEDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Wed, 01 Sep 2021 22:05:04 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 930ms
926ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkOzcDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Wed, 01 Sep 2021 22:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 262ms
262ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkOwEDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:06 GMT
last-modified: Wed, 01 Sep 2021 22:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 swipe.js Show response
imp.piclick.kr/template/js/ Frame 1215 88 KB
88 KB 465ms
464ms Script
application/javascript 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.piclick.kr/template/js/swipe.js
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466

Request headers

Referer: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Tue, 04 May 2021 06:43:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6090ed17-15f88"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 89992
expires: Fri, 01 Oct 2021 22:05:05 GMT

GET
H2 200 animate.css
imp.piclick.kr/template/css/ Frame 1215 68 KB
68 KB 931ms
930ms Stylesheet
text/css 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.piclick.kr/template/css/animate.css
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 70c941a384137809113d33db0b4d68e31a85f711cdbfb5a2952564ac08fdc6e5

Request headers

Referer: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:05 GMT
last-modified: Tue, 04 May 2021 06:43:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6090ed17-1105f"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 69727
expires: Fri, 01 Oct 2021 22:05:05 GMT

GET
H2 200 3b87a555-70a4-46bc-8fc5-9ab78f9a52c0.jpg
static.coupangcdn.com/image/retail/images/2021/07/30/14/4/ Frame 1215 114 KB
115 KB 951ms
32ms Image
image/jpeg 104.75.88.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.coupangcdn.com/image/retail/images/2021/07/30/14/4/3b87a555-70a4-46bc-8fc5-9ab78f9a52c0.jpg
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d5625f813872ef1bfd43566c324e44cd8626dffd4f3fb65a5e2cd7a013d7e05e

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:07 GMT
last-modified: Fri, 30 Jul 2021 05:40:28 GMT
server: AmazonS3
etag: "33dd0ed2f49866b36b49f72b53f5c477"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 117026
expires: Tue, 30 Nov 2021 22:05:07 GMT

GET
H2 200 f9c124e594f965c6a88cc560411fe99f66a200a16e079205ff17e5d50f15.jpeg
static.coupangcdn.com/image/vendor_inventory/f51c/ Frame 1215 69 KB
69 KB 1001ms
82ms Image
image/jpeg 104.75.88.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.coupangcdn.com/image/vendor_inventory/f51c/f9c124e594f965c6a88cc560411fe99f66a200a16e079205ff17e5d50f15.jpeg
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 79ee4bff652b362e8ad7e9daa661469829472c07a92922c8789b11541b061343

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:07 GMT
last-modified: Thu, 14 Jan 2021 06:43:35 GMT
server: AmazonS3
etag: "f6b100d75c662cbfd1ba68f7e7631962"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 70194
expires: Tue, 30 Nov 2021 22:05:07 GMT

GET
H2 200 f2523b55f6228a567a845b6b6e8b6aed22b4cb9d06542f27f87db9414bb8.jpg
static.coupangcdn.com/image/vendor_inventory/f6e6/ Frame 1215 39 KB
39 KB 998ms
79ms Image
image/jpeg 104.75.88.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.coupangcdn.com/image/vendor_inventory/f6e6/f2523b55f6228a567a845b6b6e8b6aed22b4cb9d06542f27f87db9414bb8.jpg
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e6f2523b55f6228a567a845b6b6e8b6aed22b4cb9d06542f27f87db9414bb8

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:07 GMT
last-modified: Sat, 26 Jun 2021 03:05:17 GMT
server: AmazonS3
etag: "b87a9830f4b6e200a313b782d7920663"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 39782
expires: Tue, 30 Nov 2021 22:05:07 GMT

GET
H2 200 338065422689378-ee410472-91a4-427a-93e1-b51f228bac81.jpg
static.coupangcdn.com/image/retail/images/ Frame 1215 316 KB
316 KB 1000ms
81ms Image
image/jpeg 104.75.88.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.coupangcdn.com/image/retail/images/338065422689378-ee410472-91a4-427a-93e1-b51f228bac81.jpg
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 14efe3ad579358a9eafb026da53e44a84f4318ff590e1db32f213417a81a8d70

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:07 GMT
last-modified: Mon, 07 Jun 2021 08:29:01 GMT
server: AmazonS3
etag: "d525b53056d0db1666b36c0cc6fc2459"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 323123
expires: Tue, 30 Nov 2021 22:05:07 GMT

GET
H2 200 8d5e54a5e45a1a01e3d7fcf05b903298b35df0002b21d843f81297db8e13.jpg
static.coupangcdn.com/image/vendor_inventory/13b2/ Frame 1215 37 KB
37 KB 1001ms
82ms Image
image/jpeg 104.75.88.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.coupangcdn.com/image/vendor_inventory/13b2/8d5e54a5e45a1a01e3d7fcf05b903298b35df0002b21d843f81297db8e13.jpg
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 13b28d5e54a5e45a1a01e3d7fcf05b903298b35df0002b21d843f81297db8e13

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:07 GMT
last-modified: Fri, 27 Aug 2021 06:13:58 GMT
server: AmazonS3
etag: "366d118ea463e834e12f18b7cd7f7c72"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 37750
expires: Tue, 30 Nov 2021 22:05:07 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 263ms
261ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkO4EDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:06 GMT
last-modified: Wed, 01 Sep 2021 22:05:06 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 264ms
262ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkO2EDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:06 GMT
last-modified: Wed, 01 Sep 2021 22:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 264ms
263ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkOwMDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:06 GMT
last-modified: Wed, 01 Sep 2021 22:05:06 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 265ms
264ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkOzEDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:06 GMT
last-modified: Wed, 01 Sep 2021 22:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 120 B
656 B 264ms
263ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkOzcDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:06 GMT
last-modified: Wed, 01 Sep 2021 22:05:06 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log.php
log.piclick.kr/log/ Frame 1215 0
446 B 262ms
261ms Image
image/png 52.78.184.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.piclick.kr/log/log.php?k=%3D%3DgOxIzN6I1SFZVSMpzMyozVStkO4EDM5MjO3YjNyoDiS2egDyOuK2OpKyOoyuOIDB1QgEKjtD6vs3iUTBlO2EjMxoDMwYTM&s=1216&ad=sb&pv=1&lognew=1
Requested by: Host: imp.piclick.kr
URL: https://imp.piclick.kr/?s=1216&tp=tie2&size=300x250&vp=mside&sicon=0&pbu=%252f%252fmedia.adpnut.com%252fcgi-bin%252fPelicanC.dll%253fadservicename%253dIMPR%2526pageid%253d0430%2526campaignid%253d03QJ%2526gothrough%253dnextgrade%2526out%253diframe&loc=https%3A%2F%2Fds.interworksmedia.co.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fagency.peanut_www.mt.co.kr_NEWS_BA_300X250_CMTF%2Fagency%40x04%3FRM_Exclude%3Dgoogle&dsp=|criteo|dion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.184.209 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-184-209.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:05:06 GMT
last-modified: Wed, 01 Sep 2021 22:05:06 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3CDC 11 KB
8 KB 29ms
28ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6aff5fa2fcbbb94e86c551ad236d2ad6969c0311a2a05b66bcd16f7d9e8df46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8622
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5445 11 KB
8 KB 27ms
27ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f2c48544b55177b83053cc183db83a334a2a56ee39c28720f71d52bb652a96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8546
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3CDC 17 KB
6 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:05:07 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5445 17 KB
6 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:05:07 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9A3E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imp.piclick.kr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://imp.piclick.kr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 19:32:06 GMT
expires: Thu, 01 Sep 2022 19:32:06 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BFF5 783 B
762 B 19ms
19ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e78caa40931707b5df2e4450a54b52b9bc31c516ab21063ba01529fd3f9c088

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b0It+D/W2JHxoGC5bjnwYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imp.piclick.kr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://imp.piclick.kr/

Response headers

expires: Wed, 01 Sep 2021 22:05:07 GMT
date: Wed, 01 Sep 2021 22:05:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-b0It+D/W2JHxoGC5bjnwYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 03A0 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 19:32:06 GMT
expires: Thu, 01 Sep 2022 19:32:06 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 592E 783 B
735 B 25ms
23ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bf2608512e8a97b8753e3188f3913f08c0d52cccd100fd20776068515f1174f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R6QbINK8gyI7Oa11iZSTAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe

Response headers

expires: Wed, 01 Sep 2021 22:05:07 GMT
date: Wed, 01 Sep 2021 22:05:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-R6QbINK8gyI7Oa11iZSTAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A3E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:30:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 17:30:38 GMT

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 03A0 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:30:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 17:30:38 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3CDC 0
0 31ms
31ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=752364258673481&bg=!aGulay_NAAZOkH6FTpA7ACkAdvg8WvVSdgqyZlWTIcZQJwTBUghFIL81Z353MYoQYS1wMGmLy8w2yAIAAACOUgAAAAxoAQcKAH1nmH_RzhMcw8jjNPdWMingFEigJMwBuV8aJpitW8E2ojUIgpNRo8t3EVwjucRIWM-c76UnATwcwfClm9wcd7_hh5O-yvGvB9vOWFs32kvDSpLb-03b40n0jau59PP0iKuGlvAx-m6Wzerhf50tCFBJiHLhJ9u2mFiLRVNGwJkDCUXJ4h2d7lKjO0Z9bq2FTYEo52zG4Y4GeE6KkZdetXoYwAPA4QRTG2HjOs2VWck1SnhT3qe8UwH0zliJdeVERB7QqmdEjp2Jl88QuFU9GnKMyEg8WgkE4iioOrEybhJf6ZqT-cKOUkq3yFUBohWn5S4HW8bHmqY4eam4qf8HEb7prj4YJgbkhaohqaqdIchXIg5Np6aV1m1L8FKDCQrvO2JPmJA6MQAmbuwL1loefAqG8eFlj0E_vtWxrT8a-RRizhhJ6BYAK3QNlM1_ETPhTKq83ux6bhUHmo68eRu4pEKdNsL5pAP07EjaWXwb72T-wlWs7ntVQ460LG7gQdyGE-yPl76Zs4_MjnOYUZRi7n1oWyYEjYimXzRqVKJP3SSiaALGi_0nA8-vrqAj3dvXhG47NuBSz-GC1aeqKnE3-lYRIlWBk2bjEtA6pVklsr8uoIcAmlf90PC2WLjVblYfBheW3qqY7WxFnevyoOk57b8t3D_8HVBJguyftIoPT3FUBhur_Sw2XEXqzS0tach_ucE-zQ4hEe0bJn-iHudxOetRvnpsKz0CyJ5fRhrWdcH3xyCfaHRfbS1EdMFVRcORYzjf4ybiic1thwY3hD7xOoELxr96g408PCBk2iGy8zFmtJ_JLUgd-GNp-GwnMSQO1yI56aQG1L8h-n_uEaBc4k0tFU9q-g8VYdmPubsNyzWz0Cfmd5qos6mW43sqXEP3GiFfBZ-mBhii6iYgwrnda5rlsf_X6hA3H2OpZPQtkFsKRQ5zOi7nOdZr2kWGzVpsqpDqsev-ol81TqXVUeaVtmZ4Bd0l3GRh_dlalaw5zj8jG5pz9exgld4pCxYVLiGR6EceO8fBq9KngUnKwFK2X2tYKp3lhT2U-oIpjzzrsFYou03DqHIJFtttkzLE7sv8J1y0ZVcPCHLZ58BhdJYfmfNt16r0wJ4hE5PqEzWLfdzZ1z2NLcArS5_ZioYJcTAb6UGn4QOLIgcOOiqXcej5LxK-Ukr3s2AIYHpmxe_n7bcOMrAJQxPEXxJpWw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imp.piclick.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5445 0
0 53ms
52ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=1974792710466316&bg=!2Nul25_NAAZOkH6FTpA7ACkAdvg8WtABTIvffzSD7Nm7132crSwVinefL7D2sEpOQ7JlmtcUuvdRWAIAAAB6UgAAAAxoAQcKALp5qbu8rHhfEe0_tvRvUgnqOO0z5iUE-y7QUe1shxwrj1N6bIXVfY2Q_O3QpBJmkWSnnO0gE-r-LxMBDGtLEPrjmD-F9j0N-V-U9K6zNlox8XI4D6WUsXzCC9fbUqYI3RrBiBKqEPOnX2276IDAQwev0AxYB39liAI8hs_adg5VFZrCihpVIS8O5ZeB5zt4jfQsmaG5mNtAla7BKiaxSY-6BGbXBkZhktvvkxcDvT95FdWn0Jxy5qBZ4byZArzykvJ_4ftKSy08A-WHo-Jr5TN5OB9TDwDdrnze1SzCOIqW5zfxkviNE8BbzI8WfAhOh9KYZWXarC4lzQiA_KcTQNcWiirl3uDIYVQnxXJa2qv3EMTaf4I5H8Uw4CNIa0YCDnamntWvTZiAaoWzdJJaimfzj-xtQLPX2Ho_CRDVHZU4AfwSLMVHx5yL7JhixSokPj0QMmlbHKbde8ib0GcU6QQuF6VGMPgtfBgNNApSt_zgcdx2_GKAerKgDucDREvHGzmhDE5eXgos7lqtFOjc6K582wpnwQA6ZidZAGZ-CJaukZt9jKpHd-o56M1ttKYdvGuWN1gmc3ZNuae-i73h955_EAykVlXzLewe-Q84s3ruJXNL3o1x3uUcEZGONZm4FDawxmmTVwbv9lWW1jFjrnFBMIY3WexGIh-hkmLK3xSCKW1jihLb9reqXU9noU4scouhQaLUa-BHSl83yTKvc2o9XF4Br1zHnPGYImvESikamzOZOz7p2EROOZ4dTJsgalqPykotwxWSWSfOrywea9BQeNIPQgHrBlPsRNWatEMc-cSck2HbFcdVYoI7JH4ctqDSnnPM_FZ2mLZAJpAKEra4gTsss26tjvwiMGKCHpoqV5lTMd2zMAAyp_jh1ofL3sWlx0Z6VqCWni_hzrijgSeOKBg1E_-MT250cJNLt2PUfNkBGFj5KqxtSPLl-aJzI5K1B1TTrMKBxDYDkHz_UNFGnhtgAUXFYrNiYjB7wJZ60xA7sdlVrqUU6cOfLI3ng3uf4XwKYtjBqN4-JfOwx73Seah0QPaV5Btv2Ii_1vLrDkK8ZP3iGMgTP3ZcZm6QB8vihaRu11xSezNogKShXN5JSU1hQfmBuNb-uFLwsDB6FNkooP-3idx520D2Ltc0Kt-Vz38mjf_9lRgMJKbE8_8JGdCmRw4o-PnD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=0430&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.criteo.com/	1970-01-20 06:17:09	Name: uid Value: 929316d2-c314-4068-b7d9-f3c75bc56422

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a5bef5fe304108746b23ee76fb31bac.safeframe.googlesyndication.com
ads.mtgroup.kr
adservice.google.com
adservice.google.de
adservice.google.fr
apis.piclick.me
bidder.criteo.com
cdn.interworksmedia.co.kr
cdn.piclick.me
code.jquery.com
ds.interworksmedia.co.kr
googleads.g.doubleclick.net
gum.criteo.com
idm.skplanet.com
imp.piclick.kr
interface.interworksmedia.co.kr
js.ad4989.co.kr
log.piclick.kr
media.adpnut.com
mug.criteo.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.coupangcdn.com
static.criteo.net
tm.interworksmedia.co.kr
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
1.234.81.14
104.75.88.17
121.254.154.32
121.254.154.40
121.254.154.6
14.0.113.205
172.217.18.98
175.126.57.170
178.250.0.157
178.250.0.165
183.111.27.168
2001:4de0:ac18::1:a:2b
221.165.139.2
2606:4700:3030::6815:e69
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2004
2a02:2638::1c
2a02:2638::3
52.78.184.209
52.78.71.79
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
07c8974463804c39ff9872c39613532a50ba620b798ae2a81a6e600845166358
0cb5e6b6a4862270a2b289697acaf756138162b39dcfa62663aaea8b0d56118f
0e78caa40931707b5df2e4450a54b52b9bc31c516ab21063ba01529fd3f9c088
13b28d5e54a5e45a1a01e3d7fcf05b903298b35df0002b21d843f81297db8e13
14efe3ad579358a9eafb026da53e44a84f4318ff590e1db32f213417a81a8d70
1db33ed1c8a557df4171bcfae09d527acc273b3b3743063e87a8e692abee4eb6
1f2c48544b55177b83053cc183db83a334a2a56ee39c28720f71d52bb652a96e
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
2c3ff8b90d6bfc1bfd4c0a0328c9b8ea70dfcd5c9f365cee028fa8953ecbef68
2cc8f06b2867d647eb447110575839ac4917584682d0f436336f034e8dc1739b
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7
4bf2608512e8a97b8753e3188f3913f08c0d52cccd100fd20776068515f1174f
4e74c3143822f07f28663942b2b8ebe8422fe5de8e890e9165c3d8a16cd29482
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5f45351dcdf496908676261f59b22547e6536f7102db43ad48ccd1112dc260dd
6c02ba7e0b0c40372ae2ab7b8531223ce221974094f027e84515adc786837a79
70c941a384137809113d33db0b4d68e31a85f711cdbfb5a2952564ac08fdc6e5
71968d037d32f95cd435709e702d0d49037101161727604162c1bf23e80d4311
76eda827f5a18594f91004a34bcfb181461f8c47436bfc79df7d015650d67590
778d163e1374a2411cc2a62977866b782a825622b6721cdae711cabca69e8523
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
79ee4bff652b362e8ad7e9daa661469829472c07a92922c8789b11541b061343
869e4b56bba3e7c450c012cb799b46a227a7118fbccfc3fee7389aa1c84edf46
9eb7ed74ce1c96d706924d15d093bf9837f55b7ec51cca6d2069206ca72f97b3
a30a4112babab09be4d8ea2f7fcea0bbc71a51b438a5af54307e3acf7dc4a8cc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaf08be6ae4ed211293a6d4280e2d052e1f332eb0066a0dc0192fd8a3a9f39d2
ac3156290c1ccb0541ebfd561bd860538974ada145ddecd88c0c402f1579b152
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27850e9bf45770196e2d2648f2781021792cdea5d05407566abb222972da5bf
b2f8b65d257e5445f30b4df7e639e711670579a709f1d309df564f4ca564cf57
b76ed69ce914a91c0e4c0c71da06c0ebfe86d72c43eac0a726fa26d8ef0e9698
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
bb541f6dd30f673916486eae29c696d88aafdf160d9c0fb443eba01f09957ca6
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
c6aff5fa2fcbbb94e86c551ad236d2ad6969c0311a2a05b66bcd16f7d9e8df46
cc6c3c9d6854038279cd945893e8541b4fb465a4cb149763bf97aa30e5bc96b5
d5625f813872ef1bfd43566c324e44cd8626dffd4f3fb65a5e2cd7a013d7e05e
d60ef0ac2ab2d645f1eda0484c737dec31b75fc09c7c73ba2cd6e89bbe6e1a57
d6de8dc35a831fe460a477b6a6c6fa99dd132a6bb3ff645d52452cc186a4f47b
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f407292a9624df7ec08869fb2cbd11c76e28aad51e67d4d1114aeb0a77ec6428
f6e6f2523b55f6228a567a845b6b6e8b6aed22b4cb9d06542f27f87db9414bb8
f6ecc8c074f12065099da1da7e1056078b650be7e4a4ee00bad6846971e7c409

ads.mtgroup.kr Open in urlscan Pro 183.111.27.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

48 %IPv6

17 Domains

28 Subdomains

25 IPs

5 Countries

1463 kBTransfer

2640 kBSize

1 Cookies

0 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ads.mtgroup.kr Open in urlscan Pro
183.111.27.168 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

28
Subdomains

25
IPs

5
Countries

1463 kB
Transfer

2640 kB
Size

1
Cookies

87 HTTP transactions
0 data transactions