ads.mtgroup.kr Open in urlscan Pro
183.111.27.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/news@x04
Submission Tags: falconsandbox
Submission: On October 19 via api (October 19th 2021, 1:35:35 am UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 11 domains to perform 31 HTTP transactions. The main IP is 183.111.27.168, located in Korea, Republic Of and belongs to KIXS-AS-KR Korea Telecom, KR. The main domain is ads.mtgroup.kr.
TLS certificate: Issued by GoGetSSL RSA DV CA on June 24th 2021. Valid for: a year.

This is the only time ads.mtgroup.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	183.111.27.168 183.111.27.168	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
4	1.237.47.28 1.237.47.28	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
3	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	175.126.41.153 175.126.41.153	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.18.232.87 2.18.232.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1	103.105.156.218 103.105.156.218	9639 (WIDERPLAN...) (WIDERPLANET-AS-KR Wider Planet)
1	103.105.156.200 103.105.156.200	9639 (WIDERPLAN...) (WIDERPLANET-AS-KR Wider Planet)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	121.254.154.40 121.254.154.40	() ()
31	17

1 183.111.27.168 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

ads.mtgroup.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 1.237.47.28 (Seongnam-si, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

media.adpnut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.126.41.153 (Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

js.ad4989.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.87 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-87.deploy.static.akamaitechnologies.com

cdn-aitg.widerplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.105.156.218 (Korea, Republic Of)

ASN9639 (WIDERPLANET-AS-KR Wider Planet, KR)

astg.widerplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.105.156.200 (Korea, Republic Of)

ASN9639 (WIDERPLANET-AS-KR Wider Planet, KR)

adtg.widerplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.254.154.40 (None, )

ASN- ()

tm.interworksmedia.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googlesyndication.com d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	37 KB
4	criteo.com bidder.criteo.com gum.criteo.com	6 KB
4	adpnut.com media.adpnut.com	6 KB
3	doubleclick.net securepubads.g.doubleclick.net	149 KB
3	widerplanet.com cdn-aitg.widerplanet.com astg.widerplanet.com adtg.widerplanet.com	6 KB
3	criteo.net static.criteo.net	39 KB
2	google.com adservice.google.com www.google.com	2 KB
1	interworksmedia.co.kr tm.interworksmedia.co.kr ds.interworksmedia.co.kr Failed	549 B
1	google.de adservice.google.de	716 B
1	ad4989.co.kr js.ad4989.co.kr	7 KB
1	mtgroup.kr ads.mtgroup.kr	566 B
31	11

	Domain	Requested by
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	media.adpnut.com	ads.mtgroup.kr adtg.widerplanet.com media.adpnut.com
3	securepubads.g.doubleclick.net	media.adpnut.com securepubads.g.doubleclick.net
3	static.criteo.net	media.adpnut.com ads.mtgroup.kr
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	bidder.criteo.com	static.criteo.net
1	tm.interworksmedia.co.kr	media.adpnut.com
1	www.google.com	tpc.googlesyndication.com
1	d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	adtg.widerplanet.com	cdn-aitg.widerplanet.com
1	astg.widerplanet.com	cdn-aitg.widerplanet.com
1	cdn-aitg.widerplanet.com	media.adpnut.com
1	js.ad4989.co.kr	media.adpnut.com
1	ads.mtgroup.kr
0	ds.interworksmedia.co.kr Failed	tm.interworksmedia.co.kr
31	18

This site contains no links.

Subject Issuer	Validity	Valid
yellow.contentsfeed.com GoGetSSL RSA DV CA	`2021-06-24` - `2022-07-24`	a year	crt.sh
ad.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2021-07-07` - `2022-06-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2019-11-11` - `2022-01-29`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
cdn-aitg.widerplanet.com GeoTrust RSA CA 2018	`2021-03-02` - `2022-03-08`	a year	crt.sh
*.widerplanet.com Go Daddy Secure Certificate Authority - G2	`2021-08-05` - `2022-09-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.interworksmedia.co.kr Sectigo RSA Domain Validation Secure Server CA	`2021-01-25` - `2022-01-25`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/news@x04
Frame ID: A8A1EC4D789F0DE217E0349885A36C85
Requests: 8 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019j&gothrough=nextgrade&out=script
Frame ID: 95DA513EDF1E4FDD63A5DA662A504870
Requests: 3 HTTP requests in this frame

Frame: https://astg.widerplanet.com/delivery/storage
Frame ID: 3615CD9277360706F4E3A7022BF6C8C1
Requests: 1 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
Frame ID: 1EA24B160973925D844C1DF1864AF8A4
Requests: 9 HTTP requests in this frame

Frame: https://d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 6C259DA34F28576596DD3AD04960D4C2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr
Frame ID: 8D44048056E38DE63FA3A4B913A84609
Requests: 2 HTTP requests in this frame

Frame: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=03E6&gothrough=nextgrade&out=script
Frame ID: C1EC5A29DB81E74191F1AE71D5679830
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A00288A749824CD6603EB652811CF953
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B02ECB0B2D453114BB96F8FAB4F839B8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

31
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

18
Subdomains

17
IPs

4
Countries

254 kB
Transfer

703 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set news@x04 Show response
ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/ 97 B
566 B 1319ms
261ms Document
text/html 183.111.27.168
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/news@x04
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.111.27.168 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Apache /
Resource Hash: 11f093dbbfc7ddc1f45ac74a18766842049c042f64c23a56fefe86a248301c32

Request headers

Host: ads.mtgroup.kr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 19 Oct 2021 01:35:29 GMT
Server: Apache
Set-Cookie: OAX=2INvKGFuIOEADB41; path=/; expires=Thu, 19-Oct-23 01:35:29 GMT; domain=.mtgroup.kr
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin: *
HN: DE4
Pragma: no-cache
Expires: Fri, 30 Oct 1998 14:19:41 GMT
Cache-Control: no-cache,no-store,private
Content-Length: 97
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK PelicanC.dll Show response
media.adpnut.com/cgi-bin/ 2 KB
3 KB 697ms
229ms Script
text/html 1.237.47.28
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&out=script
Requested by: Host: ads.mtgroup.kr
URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/news@x04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 1.237.47.28 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e58f3e6739215cf2536b52b893f5a38a3e779672813cb0596c3dac94cebe76bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 01:35:30 GMT
Cache-Control: no-cache
Server: Microsoft-IIS/10.0
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-type: text/html

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 41ms
14ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&out=script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:30 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:27 GMT
server: nginx
etag: W/"615af4d3-1dd0f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Oct 2021 01:35:30 GMT

GET
H/1.1 200
OK tend.js Show response
js.ad4989.co.kr/common/js/ 35 KB
7 KB 2753ms
227ms Script
application/javascript 175.126.41.153
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad4989.co.kr/common/js/tend.js
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&out=script
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 175.126.41.153 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 7a384bd51bd2ed6f32de3b2cd8277543de5c246f4f66496de6dbaf8e4e4a467a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 01:35:32 GMT
Via: STON Edge Server/2.7.9
Last-Modified: Fri, 08 Oct 2021 08:08:51 GMT
Server: Microsoft-IIS/8.5
ETag: "615ffc93:1af7"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 6903

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 54ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=114&profileId=184&cb=70927161533
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.mtgroup.kr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://ads.mtgroup.kr
date: Tue, 19 Oct 2021 01:35:31 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK PelicanC.dll Show response
media.adpnut.com/cgi-bin/ Frame 95DA 458 B
701 B 686ms
229ms Script
text/html 1.237.47.28
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019j&gothrough=nextgrade&out=script
Requested by: Host: ads.mtgroup.kr
URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/news@x04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 1.237.47.28 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5e0d39eb9d3a357bbeba31ec2919c2fd3d9c35d773331864f939517642cf42f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 01:35:31 GMT
Cache-Control: no-cache
Server: Microsoft-IIS/10.0
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-type: text/html

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 15ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.mtgroup.kr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ads.mtgroup.kr
date: Tue, 19 Oct 2021 01:35:30 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 12ms
12ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: ads.mtgroup.kr
URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/news@x04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:31 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 14 Oct 2022 01:35:31 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 12ms
12ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: ads.mtgroup.kr
URL: https://ads.mtgroup.kr/RealMedia/ads/adstream_sx.ads/news1_pc/news@x04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:31 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 14 Oct 2022 01:35:31 GMT

GET
H/1.1 200
OK adr.js Show response
cdn-aitg.widerplanet.com/js/ Frame 95DA 8 KB
4 KB 38ms
7ms Script
application/javascript 2.18.232.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aitg.widerplanet.com/js/adr.js
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019j&gothrough=nextgrade&out=script
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.87 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-87.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2745084fbfaaeace2739d701caf3f9a1efb86b57e4cb12bfcd03a6cfcde2b79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 01:35:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Oct 2021 04:52:43 GMT
Server: nginx
ETag: W/"6166661b-1fe8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 3392

GET
H2 200 storage Show response
astg.widerplanet.com/delivery/ Frame 3615 2 KB
1 KB 834ms
275ms Document
text/html 103.105.156.218
WIDERPLANET-AS-KR...

General

Check archive.org

Show headers Download Go to

Full URL

https://astg.widerplanet.com/delivery/storage

Requested by

Host: cdn-aitg.widerplanet.com
URL: https://cdn-aitg.widerplanet.com/js/adr.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.105.156.218 , Korea, Republic Of, ASN9639 (WIDERPLANET-AS-KR Wider Planet, KR),

Reverse DNS

Software

nginx /

Resource Hash

e270f53080812a5da2b2e937ce48dbc794f3442b872f1f2003e3bdd2d2d901dc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: astg.widerplanet.com
:scheme: https
:path: /delivery/storage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.mtgroup.kr/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/

Response headers

server: nginx
date: Tue, 19 Oct 2021 01:35:32 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: private, max-age=0, no-cache
set-cookie: TGSID=r17b38#01f22916bcaaff66bf4d8c5c9c66f506; path=/; domain=.widerplanet.com; secure; samesite=none
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-xss-protection: 0
pragma: no-cache
accept-ch-lifetime: 86400
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, ua, platform, model, mobile
content-language: de-DE
content-encoding: gzip

GET
H2 200 wjs.php Show response
adtg.widerplanet.com/delivery/ Frame 95DA 357 B
1 KB 836ms
297ms Script
text/javascript 103.105.156.200
WIDERPLANET-AS-KR...

General

Check archive.org

Show headers Download Go to

Full URL

https://adtg.widerplanet.com/delivery/wjs.php?zoneid=25236&category=news1_PC_mid_300X250&passback=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D01l6%26campaignid%3D019n%26gothrough%3Dnextgrade%26out%3Diframe&loc=https%3A%2F%2Fads.mtgroup.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fnews1_pc%2Fnews%40x04&src=adr&cb=80853417143&t=1634607332

Requested by

Host: cdn-aitg.widerplanet.com
URL: https://cdn-aitg.widerplanet.com/js/adr.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.105.156.200 , Korea, Republic Of, ASN9639 (WIDERPLANET-AS-KR Wider Planet, KR),

Reverse DNS

Software

nginx /

Resource Hash

1c2cbd625bd257efd3909a95f496b814676e5d4337fc312f5478f9d2f42eb6de

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 01:35:32 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
accept-ch-lifetime: 86400
p3p: CP="CUR ADM OUR NOR STA NID"
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, ua, platform, model, mobile
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
pbc: 2854
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK PelicanC.dll Show response
media.adpnut.com/cgi-bin/ Frame 1EA2 2 KB
2 KB 696ms
233ms Document
text/html 1.237.47.28
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
Requested by: Host: adtg.widerplanet.com
URL: https://adtg.widerplanet.com/delivery/wjs.php?zoneid=25236&category=news1_PC_mid_300X250&passback=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D01l6%26campaignid%3D019n%26gothrough%3Dnextgrade%26out%3Diframe&loc=https%3A%2F%2Fads.mtgroup.kr%2FRealMedia%2Fads%2Fadstream_sx.ads%2Fnews1_pc%2Fnews%40x04&src=adr&cb=80853417143&t=1634607332
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 1.237.47.28 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ad73782f3eda0577e8593327541d310b6f422cf0025af53585e9536a753cc1ec

Request headers

Host: media.adpnut.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.mtgroup.kr/
Accept-Encoding: gzip, deflate, br
Cookie: FOIN_REF1=https://ads.mtgroup.kr/; HEAD=021050SmFJmER
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/

Response headers

Server: Microsoft-IIS/10.0
Date: Tue, 19 Oct 2021 01:35:33 GMT
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1EA2 79 KB
27 KB 86ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e3a721b932b0f0dd2b806104fbdf5728949f1b281cea9e5af71c285eed9fafe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1018 / 137 of 1000 / last-modified: 1634597506"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27088
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Oct 2021 01:35:33 GMT

GET
H2 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1EA2 361 KB
122 KB 33ms
33ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Oct 2021 01:35:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1EA2 107 B
716 B 81ms
31ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=media.adpnut.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Oct 2021 01:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1EA2 107 B
570 B 88ms
33ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=media.adpnut.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Oct 2021 01:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1EA2 366 B
190 B 242ms
242ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3861335624694295&correlator=2889102887369138&output=ldjh&impl=fif&eid=31061423%2C31063194%2C31062525&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211019&iu_parts=21682743634%3A70693439%2CS017%2Cnews1%2Cga02%2Cpc%2Cpost_btf_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&eri=4&cdm=media.adpnut.com&bc=31&abxe=1&dt=1634607333611&dlt=1634607333351&idt=241&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=2&adxs=0&adys=0&adks=3120518502&ucis=79m380x2jwij&ifi=1&ifk=2869962081&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=%2F%2Fwww.news1.kr&loc=https%3A%2F%2Fmedia.adpnut.com%2Fcgi-bin%2FPelicanC.dll%3Fimpr%3Fpageid%3D01l6%26campaignid%3D019n%26gothrough%3Dnextgrade%26out%3Diframe&top=ads.mtgroup.kr&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=1199839650.1634607334&ga_sid=1634607334&ga_hid=227880628&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

97223258760efa8b82cc19087f346ceccf39583a0ae698ca665af1699737947e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 160
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://media.adpnut.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C25 6 KB
4 KB 119ms
32ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 19 Oct 2021 01:35:33 GMT
expires: Wed, 19 Oct 2022 01:35:33 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8D44 11 KB
5 KB 43ms
14ms Document
text/html 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=ads.mtgroup.kr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.mtgroup.kr/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.mtgroup.kr/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1710
set-cookie: uid=41f905d1-a3ff-4cc0-9311-2d90dc769796; expires=Sun, 13 Nov 2022 01:35:33 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Tue, 19 Oct 2021 01:35:33 GMT
content-length: 4683

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 8D44 422 B
523 B 17ms
16ms Fetch
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=mtgroup.kr&sn=ChromeSyncframe&so=0&topUrl=ads.mtgroup.kr&cw=1&lsw=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

990ed4c55ef1ba679f60234847e8a4eca6c4fa517ac2626b4559137123612af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ads.mtgroup.kr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 19 Oct 2021 01:35:33 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 6005
expires: 0

GET
H/1.1 200
OK PelicanC.dll Show response
media.adpnut.com/cgi-bin/ Frame C1EC 176 B
419 B 673ms
225ms Script
text/html 1.237.47.28
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=03E6&gothrough=nextgrade&out=script
Requested by: Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 1.237.47.28 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6fdd16fe9c6f5dd890a720dbd00da46f9c629fd4e2059797ffc3511fbeb497d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 01:35:34 GMT
Cache-Control: no-cache
Server: Microsoft-IIS/10.0
Connection: close
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1EA2 11 KB
9 KB 90ms
35ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

199b2ac54025a56af08344a5d6d09140f5b3be8c418cbee3ca2d7b4bf060a41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Oct 2021 01:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8553
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1EA2 17 KB
7 KB 79ms
31ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 19 Oct 2021 01:35:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A002 12 KB
5 KB 59ms
23ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 18 Oct 2021 19:07:31 GMT
expires: Tue, 18 Oct 2022 19:07:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B02E 783 B
1 KB 81ms
32ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

7ec0952323dddc96a8a7feed57699ced29891716c9edaa5edc3d775c48425113

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/JCLZuu0uqiTYQNKV6u4cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 19 Oct 2021 01:35:34 GMT
date: Tue, 19 Oct 2021 01:35:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/JCLZuu0uqiTYQNKV6u4cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js Show response
pagead2.googlesyndication.com/bg/ Frame A002 34 KB
13 KB 49ms
21ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 00:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13172
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 19 Oct 2022 00:48:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B02E 0
0 42ms
33ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=3861335624694295&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EA2 0
20 B 30ms
30ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=3861335624694295&bg=!u7iluPzNAAao6lBpqOo7ACkAdvg8WgP4ePqhuBik3zZqbX4MRkZJuYuFnVzy8G0OZJREgGEvpz6wLAIAAABfUgAAAAxoAQcKABM-ZJ6iNNpovpH0KaKjMWJcuXqfmQLmvY4zM-gObJTAztGs-olz5gukEVpzSAZ5KY1OzYb1Sr6EOG4ftdG14u1_lOJlujXCtK-o-ipAQ91Xcmr-PIf33xHvLPXTs4QSbe9_zZWU9Nww8TxCoO6KNFom9KZe55e50A1REEsOcf8O5Bn2Yv0LbuUWL7mj2McW6YUkQmcaS7stStms-KlKklWkFU0AcNzc6Md3y7u5ZROH0t5XKYKSLjvtxxkCKuL4FjO-D3r348AnDIU5fgVKcM8r9xIoFDYMrrkbQc9A4bqDi-eCRReRrYE2AtsljmzNVwe-beg_ZOxGbH3-g264mQ8cfBDkJpCmGG-4UyyginguhhoankhXtKKAUSunk5CoFzSB2hLP4rC1BhQ0EnynP8mzVIcxV513KMz-I15MPKw_gh0R0MtlZKkEkRsQJjVzWHe85rw32i6L7AbrXngPj92CvLWhXF2k8oWuBfFQ7zcloAfhLRDDtipOURCAztPK8xO4Le5sJDEdIM2Nmnr02zZDY3-Rr-Wwu6ZdaeuflgOZvRE3bkTOEpEwB-xD7ssZb-Zrx0CDkiY7T9DE_CXDZ0F5OyIyTUpTNm0M0RO3YvPTSzeGkPwtGRQyJR_DxhKbYkwJxvHa2XOCK8QKgamYc5WFvY5-TdPxdSxhWjf98YhIlfZ7xqGPdwb8lwuqpN6QNHZ_ca5bv-3TdKICpMfN3vIHhRi8J6suD_Ofl_suNebomTIDXMFy18gj5ynKC8bTqTdKoUseCHqvw8P5FDXzfvMAv1Hsem8Fx3SkpM2nXMBgknfqtVJZu4OEkRljxGidtOHP1MJFx46xieSP0Dz1yKkcwDcIDg4naFbUXfnURDcXKzY1MYexnfsCo--mRFyMj1e6ST0ZR4JvltxBVLKCSW7Ifc7hgLRuThhPIPpbuqYGeq8FBM1u-Q_uBqX1KXepwa7xksJeXHyJXHryyvGxr8IthVXuGEhTuQ-TY_gYbJG7SyBmWNhWSgbApR33og

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 01:35:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 A7C6DCA1 Show response
tm.interworksmedia.co.kr/ads.js/ Frame C1EC 158 B
549 B 942ms
232ms Script
text/javascript 121.254.154.40

General

Check archive.org

Show headers Download Go to

Full URL

https://tm.interworksmedia.co.kr/ads.js/A7C6DCA1

Requested by

Host: media.adpnut.com
URL: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=03E6&gothrough=nextgrade&out=script

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

121.254.154.40 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ee72f65b0d5bf8812418631221788e204011fcdf4eab37997f76e335092cdb8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.adpnut.com/cgi-bin/PelicanC.dll?impr?pageid=01l6&campaignid=019n&gothrough=nextgrade&out=iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 01:35:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
p3p: CP='CUR ADM OUR NOR STA NID'
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
x-request-id: 77325e62110d34c5a45fffb6cb91041b

GET agency@x04
ds.interworksmedia.co.kr/RealMedia/ads/adstream_jx.ads/agency.peanut_www.news1.kr_NEWS_BA_300X250_CMTF/ Frame C1EC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ds.interworksmedia.co.kr
URL: https://ds.interworksmedia.co.kr/RealMedia/ads/adstream_jx.ads/agency.peanut_www.news1.kr_NEWS_BA_300X250_CMTF/agency@x04

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mtgroup.kr/	1970-01-20 15:34:39	Name: OAX Value: 2INvKGFuIOEADB41
media.adpnut.com/	1970-01-19 22:24:09	Name: FOIN_REF1 Value: https://ads.mtgroup.kr/
media.adpnut.com/	1970-01-23 13:42:14	Name: HEAD Value: 021050SmFJmER
.widerplanet.com/	1969-12-31 23:59:59	Name: TGSID Value: r17b38#452d93f102de0d73897d434cd021313d
.widerplanet.com/	1970-01-20 15:34:39	Name: OAID_S Value: s1634607332.4651
.widerplanet.com/	1970-01-20 15:34:39	Name: OAID Value: efe80cf30cd28fa435cd6e13df9a457a
.widerplanet.com/	1970-01-20 15:34:39	Name: OAIDT Value: S
.criteo.com/	1970-01-20 07:25:03	Name: uid Value: 41f905d1-a3ff-4cc0-9311-2d90dc769796
.mtgroup.kr/	1970-01-20 07:25:03	Name: cto_bundle Value: Q117ul9iRGxYdTVaRXFXVFZVWUIxQndUOW5MQ2s5dkw3VUEyQlJybjlPOUpKT2JlbWd2N3JZVWxNWEVpNCUyRkhBMXhDSWZLclE5OFNEc2t3c2FYRkNYNk1ldU5KSEpneG9zMjZLRmpWUFJGSG9vNCUyQnBSRjVtMUZMV1pkbW82ZTV6TnVQdWh4QTRRVWNzWmppdjYlMkZBSTltSHZsS3clM0QlM0Q
.doubleclick.net/	1970-01-19 22:03:28	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mtgroup.kr
adservice.google.com
adservice.google.de
adtg.widerplanet.com
astg.widerplanet.com
bidder.criteo.com
cdn-aitg.widerplanet.com
d80f213e195d1e50fc1dc830f6115553.safeframe.googlesyndication.com
ds.interworksmedia.co.kr
gum.criteo.com
js.ad4989.co.kr
media.adpnut.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
tm.interworksmedia.co.kr
tpc.googlesyndication.com
www.google.com
ds.interworksmedia.co.kr
1.237.47.28
103.105.156.200
103.105.156.218
121.254.154.40
142.250.185.162
142.250.185.226
142.250.185.97
142.250.185.98
142.250.186.161
142.250.186.164
175.126.41.153
178.250.0.165
178.250.2.130
178.250.2.146
183.111.27.168
2.18.232.87
11f093dbbfc7ddc1f45ac74a18766842049c042f64c23a56fefe86a248301c32
199b2ac54025a56af08344a5d6d09140f5b3be8c418cbee3ca2d7b4bf060a41f
1c2cbd625bd257efd3909a95f496b814676e5d4337fc312f5478f9d2f42eb6de
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5e0d39eb9d3a357bbeba31ec2919c2fd3d9c35d773331864f939517642cf42f6
6fdd16fe9c6f5dd890a720dbd00da46f9c629fd4e2059797ffc3511fbeb497d4
7a384bd51bd2ed6f32de3b2cd8277543de5c246f4f66496de6dbaf8e4e4a467a
7ec0952323dddc96a8a7feed57699ced29891716c9edaa5edc3d775c48425113
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
97223258760efa8b82cc19087f346ceccf39583a0ae698ca665af1699737947e
990ed4c55ef1ba679f60234847e8a4eca6c4fa517ac2626b4559137123612af9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad73782f3eda0577e8593327541d310b6f422cf0025af53585e9536a753cc1ec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2745084fbfaaeace2739d701caf3f9a1efb86b57e4cb12bfcd03a6cfcde2b79
e270f53080812a5da2b2e937ce48dbc794f3442b872f1f2003e3bdd2d2d901dc
e3a721b932b0f0dd2b806104fbdf5728949f1b281cea9e5af71c285eed9fafe5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f3e6739215cf2536b52b893f5a38a3e779672813cb0596c3dac94cebe76bd
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
ee72f65b0d5bf8812418631221788e204011fcdf4eab37997f76e335092cdb8d

ads.mtgroup.kr Open in urlscan Pro 183.111.27.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

0 %IPv6

11 Domains

18 Subdomains

17 IPs

4 Countries

254 kBTransfer

703 kBSize

10 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ads.mtgroup.kr Open in urlscan Pro
183.111.27.168 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

18
Subdomains

17
IPs

4
Countries

254 kB
Transfer

703 kB
Size

10
Cookies

31 HTTP transactions
0 data transactions