netbuild.com Open in urlscan Pro
1.214.210.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fisio.com/
Effective URL:
http://netbuild.com/
Submission: On February 01 via manual (February 1st 2024, 10:37:49 am UTC) from DE — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 54 HTTP transactions. The main IP is 1.214.210.188, located in Gangnam-gu, Korea, Republic Of and belongs to LGDACOM LG DACOM Corporation, KR. The main domain is netbuild.com.

This is the only time netbuild.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.31.42.235 64.31.42.235	46475 (LIMESTONE...) (LIMESTONENETWORKS)
2	1.214.210.188 1.214.210.188	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
1 10	162.241.225.93 162.241.225.93	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2800:3f0:4005... 2800:3f0:4005:410::2003	() ()
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.71.154 74.125.71.154	() ()
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	() ()
2	2a00:1450:400... 2a00:1450:4001:1c::8	() ()
1	2a00:1450:400... 2a00:1450:4001:827::2004	() ()
1	142.250.186.162 142.250.186.162	() ()
1	142.250.74.194 142.250.74.194	() ()
2 3	172.64.151.101 172.64.151.101	() ()
1 1	142.250.185.130 142.250.185.130	() ()
54	16

1 64.31.42.235 (Dallas, United States) 1 redirects

ASN46475 (LIMESTONENETWORKS, US)
PTR: 235-42-31-64.static.reverse.lstn.net

fisio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 1.214.210.188 (Gangnam-gu, Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

netbuild.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myhome.doregi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.241.225.93 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5253.bluehost.com

mdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2800:3f0:4005:410::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.154 (None, )

ASN- ()

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (None, ) 1 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:1c::8 (None, )

ASN- ()

r3---sn-4g5lznl7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com	283 KB
10	mdnet.com 1 redirects mdnet.com	147 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 bid.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	52 KB
8	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 Failed imasdk.googleapis.com — Cisco Umbrella Rank: 485	137 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net r3---sn-4g5lznl7.c.2mdn.net	3 MB
1	google.com www.google.com	1 KB
1	doregi.com myhome.doregi.com	450 B
1	netbuild.com netbuild.com	911 B
1	fisio.com 1 redirects fisio.com	220 B
54	11

	Domain	Requested by
11	pagead2.googlesyndication.com	mdnet.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	mdnet.com	1 redirects netbuild.com mdnet.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
6	csi.gstatic.com	imasdk.googleapis.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	2 redirects
3	imasdk.googleapis.com	googleads.g.doubleclick.net
2	r3---sn-4g5lznl7.c.2mdn.net
2	fonts.gstatic.com	fonts.googleapis.com
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	ade.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.googleapis.com	mdnet.com googleads.g.doubleclick.net
1	myhome.doregi.com	netbuild.com
1	netbuild.com
1	fisio.com	1 redirects
54	19

This site contains no links.

Subject Issuer	Validity	Valid
www.mdnet.drchina.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh

This page contains 8 frames:

Primary Page: http://netbuild.com/
Frame ID: A49F6D131F9DBC61DBFFAB3093846EC1
Requests: 1 HTTP requests in this frame

Frame: https://mdnet.com/
Frame ID: 245BB7DC9AC663637E1960B7FC617DC5
Requests: 15 HTTP requests in this frame

Frame: http://myhome.doregi.com/counter/counter.php?remote_ip=80.255.7.101&remote_ref=&server_name=netbuild.com
Frame ID: ED0425B90903E0851A94B0E6851276DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html
Frame ID: 0F793429636264AE1EED25F10636FCF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706783866596&bpp=14&bdt=1616&idt=288&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&correlator=6890040871582&frm=22&ife=1&pv=2&ga_vid=1508579118.1706783867&ga_sid=1706783867&ga_hid=1192469732&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44808397%2C42532523%2C95322329%2C95320888%2C95321253%2C95323009&oid=2&pvsid=4073195178198050&tmod=426175787&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s1f7j35643h0&fsb=1&dtd=325
Frame ID: 50C82DF56B01FDC97E62A56AFF8130EE
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 148A6192C4928F83BB2B2A46A82FEF55
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D694F7285E32616DD4E01F7AB9CF8B95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45E77E660326999ABC607231DDB2C09E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

netbuild.com

Page URL History Show full URLs

http://fisio.com/ HTTP 301
http://netbuild.com/ Page URL

Detected technologies

Nuvemshop (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

Nuvem

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

91 %
HTTPS

56 %
IPv6

11
Domains

19
Subdomains

16
IPs

3
Countries

3621 kB
Transfer

4622 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fisio.com/ HTTP 301
http://netbuild.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mdnet.com/ HTTP 301
https://mdnet.com/

Request Chain 31

https://gcdn.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/75630A90968723AFC5F3BDCF82EE8769FE22167E.9F57EDFA68DBAA98931087BD7373F7486715FBFB/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2819F5B6D126706D867ECA518CDBED0C880C25E6.52139643C60BFBA81B8D1F85B87BA05466F3559F/key/cms1/cms_redirect/yes/mh/bX/mip/2a01:4a0:1338:92::8/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1706783551/mv/m/mvi/3/pl/29/file/file.mp4

Request Chain 47

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEPuL_Y8EGOfCgIACIAEwAQ&v=APEucNVNASZJXtKD3VFkW_cZPF-FeXCJo1xWTRqrpdEpGmyrOR2SpU0NIMS0nJDh5CreDhJLBbxVsoDHrK_YJgHUJRu97iLmNQ HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbt0fNrleTcKX3oD4EQY7QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdvk7uMqT1k1cKIZa9hqw4&google_cver=1

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
netbuild.com/
Redirect Chain

http://fisio.com/
http://netbuild.com/

721 B
911 B

1403ms
265ms

Document
text/html

1.214.210.188
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: http://netbuild.com/
Protocol: HTTP/1.1
Server: 1.214.210.188 Gangnam-gu, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: eec8bd0d2fb1c44bb54b626d273c8210ee2d84ea44c8ba4bfcf336e31f484151

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 721
Content-Type: text/html; charset=EUC-KR
Date: Thu, 01 Feb 2024 10:37:43 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

Redirect headers

Connection: close
Content-Type: text/html
Date: Thu, 01 Feb 2024 11:47:24 GMT
Location: http://netbuild.com
Server: Apache/1.3.37 (Unix) mod_forward_0_3
Transfer-Encoding: chunked

GET
H2

200

/ Show response
mdnet.com/ Frame 245B
Redirect Chain

http://mdnet.com/
https://mdnet.com/

5 KB
2 KB

608ms
209ms

Document
text/html

162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/
Requested by: Host: netbuild.com
URL: http://netbuild.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: bf9276d0df23457836ed531271ca205acf1a2f258115add13c123509fc3e82e7

Request headers

Referer: http://netbuild.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1682
content-type: text/html
date: Thu, 01 Feb 2024 10:37:44 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 02 Jul 2021 01:57:26 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 226
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 01 Feb 2024 10:37:44 GMT
Keep-Alive: timeout=5, max=75
Location: https://mdnet.com/
Server: Apache

GET
H/1.1 200
OK counter.php Show response
myhome.doregi.com/counter/ Frame ED04 260 B
450 B 2115ms
315ms Document
text/html 1.214.210.188
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: http://myhome.doregi.com/counter/counter.php?remote_ip=80.255.7.101&remote_ref=&server_name=netbuild.com
Requested by: Host: netbuild.com
URL: http://netbuild.com/
Protocol: HTTP/1.1
Server: 1.214.210.188 Gangnam-gu, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 27b9d1b426ce2e45976a4117790bcd21c17e01dea7cec89a344b508ad58e6858

Request headers

Referer: http://netbuild.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 260
Content-Type: text/html; charset=EUC-KR
Date: Thu, 01 Feb 2024 10:37:45 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H2 200 main.css
mdnet.com/css/ Frame 245B 2 KB
1014 B 598ms
592ms Stylesheet
text/css 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/css/main.css
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 7d94436c7f97b4e136534f0cb2d5e4b644c04d109b559e1d4171ed48c8b2d6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:45 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 981

GET
H2 200 styles.css
mdnet.com/css/ Frame 245B 4 KB
1 KB 214ms
209ms Stylesheet
text/css 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/css/styles.css
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: ea9cfbf28365f8761d168f469755f5d6cd33d0dd1f5ce366e58d4dc26141fbeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:45 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:18 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1399

GET
H2 200 mediaqueries.css
mdnet.com/css/ Frame 245B 1 KB
593 B 205ms
201ms Stylesheet
text/css 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/css/mediaqueries.css
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 48c288471f78b00a975405c705ce4c92d0ec3799aa8eb710ccc0b1bf55187dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:45 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 507

GET
H2 200 jquery.js Show response
mdnet.com/js/ Frame 245B 242 KB
92 KB 597ms
593ms Script
application/javascript 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/js/jquery.js
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 5c064dfa617485c7e270837185bcd2bedc6cd4040a0c489d27d55af3db6bcc6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:45 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 main.js Show response
mdnet.com/js/ Frame 245B 1008 B
514 B 206ms
203ms Script
application/javascript 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/js/main.js
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 28d967acf7e5730679d181e1c29ec9398eff208af26c9804efe19feee34006fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:45 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 441

GET
H2 200 banner-img.jpg
mdnet.com/img/ Frame 245B 48 KB
48 KB 212ms
209ms Image
image/jpeg 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdnet.com/img/banner-img.jpg
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 2cd4a1345d86097d0cac5b7f0db59dac79e7cc1e119b8b423c74c113bc89f766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:45 GMT
last-modified: Fri, 02 Jul 2021 01:57:19 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 48893
content-type: image/jpeg

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 245B 148 KB
51 KB 179ms
85ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mdnet.com
URL: https://mdnet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

764ad1ad4f39787a6ee0ac06454d553e90689b4425d3740fa5bfb75185a44cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51529
x-xss-protection: 0
server: cafe
etag: 14043447357640160614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 01 Feb 2024 10:37:45 GMT

GET css
fonts.googleapis.com/ Frame 245B 0
0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ Frame 245B 406 KB
138 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5619872076330108&plah=mdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99fa4bfe6e3ec56af04a78b75dddcea7601f639092a223afcd458c1e95a78d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140881
x-xss-protection: 0
server: cafe
etag: 11902268783531210858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 10:37:46 GMT

GET
H2 200 body-pattern.png
mdnet.com/img/ Frame 245B 945 B
999 B 795ms
794ms Image
image/png 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdnet.com/img/body-pattern.png
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: b4b231912b2b72fcf844900cd10aca692c0e493df179e088953c6342d4db423f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:46 GMT
last-modified: Fri, 02 Jul 2021 01:57:22 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 945
content-type: image/png

GET
H2 200 nav-bg.png
mdnet.com/img/ Frame 245B 943 B
1 KB 197ms
197ms Image
image/png 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdnet.com/img/nav-bg.png
Requested by: Host: mdnet.com
URL: https://mdnet.com/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 94a74ed3d4730b1508cd605b3fa682681f9a4008453df0d79e9f830c25ca9744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:46 GMT
last-modified: Fri, 02 Jul 2021 01:57:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 943
content-type: image/png

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/ Frame 0F79 9 KB
5 KB 135ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 15:55:14 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 15:55:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50C8 90 KB
28 KB 290ms
288ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706783866596&bpp=14&bdt=1616&idt=288&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&correlator=6890040871582&frm=22&ife=1&pv=2&ga_vid=1508579118.1706783867&ga_sid=1706783867&ga_hid=1192469732&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44808397%2C42532523%2C95322329%2C95320888%2C95321253%2C95323009&oid=2&pvsid=4073195178198050&tmod=426175787&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s1f7j35643h0&fsb=1&dtd=325

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5619872076330108&plah=mdnet.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c590485a14e8b1e00dc94114136086a13581ed1b707375b4dd302e210f0124f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28567
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 10:37:47 GMT
expires: Thu, 01 Feb 2024 10:37:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/ Frame 50C8 23 KB
9 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706783866596&bpp=14&bdt=1616&idt=288&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&correlator=6890040871582&frm=22&ife=1&pv=2&ga_vid=1508579118.1706783867&ga_sid=1706783867&ga_hid=1192469732&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44808397%2C42532523%2C95322329%2C95320888%2C95321253%2C95323009&oid=2&pvsid=4073195178198050&tmod=426175787&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s1f7j35643h0&fsb=1&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:07:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 19:07:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 50C8 8 KB
1 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 10:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 10:03:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 10:37:47 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 50C8 15 KB
3 KB 162ms
42ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:54 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 50C8 378 KB
132 KB 163ms
43ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:50:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 50C8 20 KB
9 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 19:17:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50C8 0
234 B 684ms
241ms Ping
image/gif 2800:3f0:4005:410::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~ls331or5&c=8426048003222&slotId=4213024001611&qqid=CN3d5bD5iYQDFbNjFQgdomwMvg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:410::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 50C8 15 KB
16 KB 162ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 496706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 50C8 15 KB
15 KB 168ms
50ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:50:55 GMT
x-content-type-options: nosniff
age: 38812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2025 23:50:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C8 0
20 B 192ms
191ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ctz4NenS7Zd24O7PH1fAPotmx8AvpiNbTdfuSv-SdEsKO8q7kQRABIPau5iVglYKAgJgHoAHcxoqJKcgBBakCfjVaqSw7sj6oAwHIA5sEqgSTAk_Qm0OOjFGfHsvFIxv3K38HgXUwM3amBZ2lySPYhdnlT98XALLWW31-AoTKLpOxnvJ61ZAUNxgaryNdV0IzSdJaYNpvGAi_D2JW55ON3rAoKvEwSgFRbk-Sl0KwJQtl6vuQjcklPv64WvVRpXsUThlNJRmPMuEtQ0bgo7ZAiWcr4EI6-BTO9vzJucmRbpsd7I4KoXKFYHm8HFGZ6X537T4BphoOXLtlAXp-SyVcDZfCUqw43E9imArhhQgzYZmCm5u5JMrrFhO7GGKXrECeWDVDMIhA1R-FZDSQDTcsTcYtkw7b7aV04lwJwxKSrcEuhBZCq9MtT0s_1cWqwHYmmkGdNApbKjwDrU5QiZr1afnBRQWewASovI-WzwTgBAOIBYfmgsdNkAYBoAZ2gAfc_troA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMv45LD5iYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE&eventType=clickstring&clientTime=1706783867553&ai=Ctz4NenS7Zd24O7PH1fAPotmx8AvpiNbTdfuSv-SdEsKO8q7kQRABIPau5iVglYKAgJgHoAHcxoqJKcgBBakCfjVaqSw7sj6oAwHIA5sEqgSTAk_Qm0OOjFGfHsvFIxv3K38HgXUwM3amBZ2lySPYhdnlT98XALLWW31-AoTKLpOxnvJ61ZAUNxgaryNdV0IzSdJaYNpvGAi_D2JW55ON3rAoKvEwSgFRbk-Sl0KwJQtl6vuQjcklPv64WvVRpXsUThlNJRmPMuEtQ0bgo7ZAiWcr4EI6-BTO9vzJucmRbpsd7I4KoXKFYHm8HFGZ6X537T4BphoOXLtlAXp-SyVcDZfCUqw43E9imArhhQgzYZmCm5u5JMrrFhO7GGKXrECeWDVDMIhA1R-FZDSQDTcsTcYtkw7b7aV04lwJwxKSrcEuhBZCq9MtT0s_1cWqwHYmmkGdNApbKjwDrU5QiZr1afnBRQWewASovI-WzwTgBAOIBYfmgsdNkAYBoAZ2gAfc_troA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMv45LD5iYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50C8 0
54 B 664ms
247ms Ping
image/gif 2800:3f0:4005:410::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~ls331orn&c=8426048003222&slotId=4213024001611&qqid=CN3d5bD5iYQDFbNjFQgdomwMvg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.i6&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:410::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 50C8 31 KB
18 KB 218ms
100ms XHR
text/xml 74.125.71.154

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A-v2CzPiqCJu0lcRHnudI1Xt7lenh1xfyrcCgcUcUANeL18cqrMe4ksLa5IPRRwsQer4apJbFuFjBGXLsT6VNtIw0ZWw&cry=1&dbm_d=AKAmf-BnMcm4kmZa7Fn14s-MSRZjvYiPf0g0VKOlJkWIsAFvnIufbjM-CBduPR_Yne9L8bQQuwRwTgFiwBCmQRBLIqIKOVfcsn6VXYy6blblFO73wCHFkDCvhd7miuqKhIjx30w7vj8hsGDvA3pcvgJB_gUfVyhzvi09vXVw3MyWhEvbktOL2RuthUayqeCoWCxa8o2pueglBD29ic0DGANx_OVpkSpyoYJ9u7zCsiU0WdYmivrnjsI6JoAdPURfL2ZJaql3b9r5CZyGFcD6BqtAiF9QfOG8fshVWLpImMYSkA-hnxsghiQZkjUcFDHX55VgnQuvr8QX16GZ9Cj04LQeb2BJ3-yFQHTonPeYyvT5bQZo8u6WLRthGA3GolicLs-mkLJ9-yIpdz0jvBhCzrNcGGR_wfqbM8Sn3OJhbtgT7kvCirBz6LegpGp_HPPEDfPuuGqhXFPZf8p9jDkK7RXaLP65IrVMiSKwq-P1HQ6NWBl5i-Fgs3FUo_1qAiIhC6TnyIwPZnsVN6-qSHOczBj5g46DlTRsIRD4AcgEIQ2Wi0XYKl4HYxK-E0JlRSd5gzyIHvWA1HJ5E6XgQzl9-aSzW8w4DCw6cBlw2_Sb9ih-g7vNegqVA4FyyRxWrqVovhYwuJ3_DuYMfhmQjLQ5ZZrlYRzJ6_EGcuSMv12zx60QNsni9Eu3onaZ6LKJqFcBYI4qNeLXGfZTAVbbiOAJraMBmWzta3odKmNIABd6AR-5q_Jat6zGd5LYETlR_N-1wuV7WdK0VdmJ1uVNY5HZBrF5zWNmLBnuN0rwzpkQTG9ZV9mbRgTqaEQXBxWKZSHTYAxk_bKbUNFUU8XwaaY1gsj1sT1yXm9VBubwS1C1mFBrOk8pALUOobFVq1ComtEc1jhWKQUCKv4zT3w-i3w9Y0N1RL_a22syQVadYOFNkGE_zBqRZW1lygcFYQqv8HyKMlUq7RcXD_O34y05FkKai7ewncNo63slQRo0FmK5FIKd0Wz81WaR7W9ObFphUeQLlT-uGkWyoCHnT-fJcjR1-Vm-BwUSKUrkk5ZdKgm_uw9sIdiHBouDoRwUVCMKg83lwuWn39iKsmkwXExr-8LI2NytDSasXSU5zaiJfmUIoxW8oHOB3DkDCfEvEp4rz3i9UjDlTLz3_fwyET5_eTBHLfPORKm5Vgo0_DKOtuaDcQnSqEQzEYESVFlKAmUBxV0bQvwAyUkRCe6ZjJKvwIZkiXcPn3uo28ml5jbiyjgNyfswfRd4ESK8ntvk4ERbf-wchv2PAuv74Isd1J4R4r5-VAP-Eew16ZWBGqgylLFFJ4F5nvpOUTQLOHeiW4pV9D4FZFIHBhQ9cFurn80yktkztpG-vUYHlj3D3upHFw22tAqixf6JG98j-6W5BWE7GQLCbU8O8G1wvYdMIHK6S-mXogk6C03QZyqPCoWAoMe1ZQMRBTXe8_YtJmmWZ3sp4Q-AjMew4LWeqWKE_W6gOIwHjIWMCK0oVM35xo7DH6NEoZErQXr4zUvPIbm5FTq3O-JxVQ2Pe3W1gvTrsIH1QfI-qTrp0TpWEnxAXqnmt-Z_lbicQG1Jx1IRMWXVT5PGtGExc8_J5yyJRQ18RGHn8v0iTIGDIz2Y61yqoSjWWRnU441Z8q_j-y6xwwqo8_-DIJHQPOXFVOLqSu0d6mDkxbEoIBJzf2zUeGKCYXSbw7qtbhMB0dMivUjDCir4No-2JJACuPJrLEWBlqZ2UuqM2wYuxrmqiAfjMKBLlaxkb6jOW23TxrwIHvYZWTluEQ3U1yHWM1Xfk6BBtFhBGWCVZl9wXZkkKrM9JZkVtlGq2FqIvRlrYlM-nA9IQ7F54yMcpGcCO0oF2E16FsNIm1Au1qOWEGdM1zbG6hCpOxKqlXNg6d2vGXMJWV97c8VinM9R1QzYKWTUR88TK_0bw6xvzDsXOrqt0LIucSDhpIeEe1T2VLBncuJTCVnP3m3PWACoobhLDgqLix1V5PR9p8HO135jpYw6080s2pD1Z7RrbIgVtW2odkJRN14d5DGYk5Gjpiou_0LOL-moD2r-tkabI0vfOVJu8SzOC5yMIz8J0kZrPHb1EtrQihLyy9aXneEFpJoyEAZnN059sV2RU2zqpjsqiZagMH_VGRzwVYgCtjN0fwUt2RnUGfjrhKGKCXypS5DJ9UFFwLhMiuM2bVt0voATwMxeB9isi474E84FDi7sa_20Ob6W5sR7L1BFIoXkghCXNIF8ADG4UYro7X13vh0d5sPrAyQcw6Q7cF8fY1PDYl7iakFEoNO0QPcabSPpTrA5uZ71kEzX5Sl4hP4NnIQ9nWPb78784IX-_lHGwsSOTpVQC3ESg3v5irOYWiXQlnOIG2QU0slzBeRoC-Z0zCpn0Gv__iDZKFg-77UMJRWmR2S-1MQcIeDENhEuVS2dfnTOB9AZHaZuO0AehYi_noIqUeznrESs1KNeEjfC41bs2IIyMJLGbEPrNhN7tZbL-SB3JGIgWC3nq3kjriHWoz-2-nNRGO_oLJb7EQAq97RFBtbpWPTsjVqCbeYTz6bg1Hg7ZOlFWHLRxJDLoRSAxbBq4fbCOv9hzwKLrEtTKnq7O-yJgcYayPvAxO4FKAiaQBKNE6cJNv_UtFBBldueXe8tu4GeqedMRe_DS3X4679hiy8-f6QqyzjK05-RYooSHlaKuCgzFgfspLrOrzZXMfMb-KFLt-PXqcztfqlqnoNWOlIbk8-eK5vFEfQU8u-jF0tdejRgS7a3hI8ftoJgJjDp5HwbbXq2k9AvaavdMXN8o8sOXthMyj3BBrGc57uP7jk3riYqugCd5SaDXL6K1NdvdptENrNpJ-tu3VYnH_cWxWAadMk97tKykHi0SgbTtxEyatyyQKkzm1gCQ-SZRZyLBqzYV-8HB4y1HiCe40S-4T45kfpDWFakA6hcbkw00vlz9pCx_9GihoxnOzr9AKY-1Kw87h3mrO85aJ48uEPe2F6I0NH82NK0SzVvdqCvpfpGRQYK24bH3Sgqr5CAN7O3gvWKYKqS7NL0yeLGNAmoK1buTIJJNrsNC9iVajp3HOfPXTcXaJ7u-MS61H_P4lwD4B9sh9CmJkkFIPFqsggY2pFX2HIwiaxBsbD-ubkhv13KgK9M2fMob1pUiux7jKiZNZP4F-Q2FAacgH19o2ip7fvPNjH7lVQv7gHyd-uiMvaz4QbFku72YIUH6hexs8NTQltuIiLiz0p-u8ZPvk7JOk37EPqz4kaw4c_w0ygUaIXIZ2GGXO9NMIOhqVMWENnEW6l3fzA6ObJJoGFGLVx-LGw93Vjhgb_K0x9KKa5C6yQ_6Tfqc420yVXvjGtn_5tR9OSdN5ZDipoadxUcCdueem56VzK-RLBQVxZgfOvTEHx_J-ucOCRPhjZKtPFLb4ZaK5TVnvtYRH5TvLKlM41JjGP0tTAkSf-E5JsUpT6xYlgVCMibcunP7Icv1BfDMVIKwJ3nvzJj9pv1ej-Xwjv-svZmtqFNxOZo9egx10n2wzsF-LxMJhKB0xaJic0NxdOwbTDHLRPxlFR1fCn5rDxPtnzUaAV76lefKm2Keg2d9Ot6aOM9JX7OBRsQ3_xHmvqkSDv2ffRG7679L1ZhOEMM-j4jpJU_mSeRcvjosjhP7_a2br0Nugr8SUWmc1s4fjqfDyGQNSa5CzogleF_y68ywaE_dP7-wsEOv5vomwx73o0-4SsCkzvy144ZQnOrDVLCkTOcDYlizzA6lOvSbF7WARzrgnXGy81KwFZ7JnnJNPuuW5cVdDbF_15Dy0w3D1kYkxpBMukeaK9-awzCWr_QHNbW6alevw7h-ReeGRnXAO8fc7TxjxdYFVZNqcMcqBaCCpfoqVIY5QNGLOxc2JFac4oKVaRtnp5GVwTJNsR_O-jIjJP64Q50ep_eEigu68D9fN17hUersm9RHugB81h7_D4l4TKroHHzNO1NajdtEUg7UlDOamyDVexcJUtMtOPqHtYTkWobaMdMCA&cid=CAQSTgAvHhf_ELb3CAQKTOrRHoBQJQnRVxm9TqaRFblCN3xZilWq_cz23XRcA1nzixPRNf7AO2rSsXyGSm7YKQgaMwj8ReWOVfsEbAtBMHxwYRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

50a388a3cb17edf16083e560d9490bcf48a75a8d6fd371cb7d7e02c833a9f2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17452
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 50C8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79d32ffa90eb532c53ff1cec6b866f121e9d97e37081c17bd9edef5707bb4c82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50C8 0
0 75ms
75ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTZJrenS7Zd24O7PH1fAPotmx8AvpiNbTdfuSv-SdEsKO8q7kQRABIPau5iVglYKAgJgHoAHcxoqJKcgBBakCfjVaqSw7sj6oAwGqBJACT9CbQ46MUZ8ey8UjG_crfweBdTAzdqYFnaXJI9iF2eVP3xcAstZbfX4ChMouk7Ge8nrVkBQ3GBqvI11XQjNJ0lpg2m8YCL8PYlbnk43esCgq8TBKAVFuT5KXQrAlC2Xq-5CNySU-_rha9VGlexROGU0lGY8y4S1DRuCjtkCJZyvgQjr4FM72_Mm5yZFumx3sjgqhcoVgebwcUZnpfnftPgGmGg5cu2UBen5LJVwNl8JSrDjcT2KYCuGFCDNhmYKbm7kkyusWE7sYYpesQJ5YNRsxap1G9ev28DnodJeo3JwpTmxXhMZYfbtRbrenYiStDt04cW340-D667I-54S78wXrJXcy-p9QDeuZAOwH6cfABKi8j5bPBOAEA4gFh-aCx02SBQYIAxACGAGSBQsIIhACGAFIxO-YApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH3P7a6AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCc_hAY58KAgALSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMv45LD5iYQDgAoByAsBsBPw9MsWwhMGGNzGiokpyBOx7pLkA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi01NjE5ODcyMDc2MzMwMTA4GADoFwE&sigh=_5zB-piUPEA&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_ELb3CAQKTOrRHoBQJQnRVxm9TqaRFblCN3xZilWq_cz23XRcA1nzixPRNf7AO2rSsXyGSm7YKQgaMwj8ReWOVfsEbAtBMHxwYRgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706783866596&bpp=14&bdt=1616&idt=288&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&correlator=6890040871582&frm=22&ife=1&pv=2&ga_vid=1508579118.1706783867&ga_sid=1706783867&ga_hid=1192469732&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44808397%2C42532523%2C95322329%2C95320888%2C95321253%2C95323009&oid=2&pvsid=4073195178198050&tmod=426175787&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s1f7j35643h0&fsb=1&dtd=325
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 01 Feb 2024 10:37:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Feb 2024 10:37:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 245B 16 KB
12 KB 166ms
86ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e661a8a5d9c7b6f2c2ca7fd6f579b201e0e4c7e91a217b345df1b166be0fb7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12273
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 50C8 0
54 B 419ms
242ms Ping
image/gif 2800:3f0:4005:410::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~ls331osd&c=8426048003222&slotId=4213024001611&qqid=CN3d5bD5iYQDFbNjFQgdomwMvg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:410::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 50C8 41 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 02:38:11 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 50C8
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

265ms
40ms

Fetch
video/mp4

2a00:1450:4001:1c::8

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2819F5B6D126706D867ECA518CDBED0C880C25E6.52139643C60BFBA81B8D1F85B87BA05466F3559F/key/cms1/cms_redirect/yes/mh/bX/mip/2a01:4a0:1338:92::8/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1706783551/mv/m/mvi/3/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:1c::8 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 10:37:48 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3039087
Last-Modified: Wed, 29 Nov 2023 18:17:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 01 Feb 2024 10:37:48 GMT

Redirect headers

date: Thu, 01 Feb 2024 10:37:47 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2819F5B6D126706D867ECA518CDBED0C880C25E6.52139643C60BFBA81B8D1F85B87BA05466F3559F/key/cms1/cms_redirect/yes/mh/bX/mip/2a01:4a0:1338:92::8/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1706783551/mv/m/mvi/3/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50C8 0
54 B 394ms
243ms Ping
image/gif 2800:3f0:4005:410::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~ls331oz0&c=8426048003222&slotId=4213024001611&qqid=CN3d5bD5iYQDFbNjFQgdomwMvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1716&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.p2~atrd.pa~videopreviewvisible.pm&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:410::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 50C8 453 B
585 B 50ms
48ms Image
image/png 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-5619872076330108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Thu, 01 Feb 2024 11:27:47 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 148A 23 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 141970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:11:37 GMT
expires: Wed, 29 Jan 2025 19:11:37 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 148A 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 09:20:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 245B 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 10:37:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D694 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 20:33:47 GMT
expires: Thu, 30 Jan 2025 20:33:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 45E7 829 B
1 KB 141ms
49ms Document
text/html 2a00:1450:4001:827::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

4a17de57ff0d2846f11eb8f36da22ff274a6287c05721a866ded33e5942b292b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-23bNuT2q2G0pSyskBpvX_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-23bNuT2q2G0pSyskBpvX_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 10:37:48 GMT
expires: Thu, 01 Feb 2024 10:37:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 206 file.mp4
r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738319867/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 50C8 3 MB
3 MB 86ms
41ms Media
video/mp4 2a00:1450:4001:1c::8

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1c::8 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2866e8917942a3ef4fa7cf6eacd61e51a0534b17134b0d1219a5f1c7f3886bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 01 Feb 2024 10:37:48 GMT
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3039086/3039087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3039087
last-modified: Wed, 29 Nov 2023 18:17:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D694 39 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 09:20:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 148A 0
20 B 190ms
189ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BnPnLe3S7ZabaLNKYlgT00ZuQDgAAAAA4AeAEAg&bg=!PD-lP3DNAAa8BdJLnAU7ADQBe5WfONrElN3Hmoz0E0AruAzsjLO9PkSYU22-EJsXfW93hNn4MglIBmGGpv_8pgMBAxZLAgAAAPlSAAAABWgBB5kDSMKjWADQBF2uqW3rIsL-gp_EcJobS9i57RV-820zFpUyWCnBfeT4Q9fw9bZTxLeO_pf15Vs-J5tYDSD8kn2emPzZ4sk9BNPBIhDg2azBJJfQLunUoAvR9g_uFgjdYPWBP4KLkbjESIdri_9ns7AB_t8KxTDbi83OM7KskZ3vrd3eawqI_-wBpwZ2zQ8_BuR-D3ELxo8Ct283PKQlkILtDN2lZ_xDdBg4b5fQ9UhyaPdBQdg8D7SsbD-t5rn5V-4BlzO9FsrTH9fZbYO7_tugtLnMYz3lZHc1RPdGaMKyFCDE0SyZvAgvVFyoLzQF6PX2_YT4h3XOgc8pTkwHrBWyXx3NktznCqX6yPWJZo0u-dRgT7G2bina2W4vD8DwyvaQGjBsAV_y5B6fdwUyt7bNgGp-rhWT6eibUF38MEeUVeApqwECix57uyStAj8lBcXWMDuMAa_3yZODw_z90tox1JmbRxy_f_pPzhV_V7jGXMgmGpw031RG3uxd7tcop6g-QnPu0OoWrMdgmBT149bLr98z3IZQZyTAzudUCC5stbfUV29dU-x5GQIe0dAf9I0AVxUOems0wm3X1adv_5VCaXXrdSE_x18qIehE5_1xOGnCo6R4x348skJPyI16DmstoXIZFElqw9hXR21V2UOS_aC7_BkF39ehuqTbPpI-IBiC-lDH3D-EnUveMWGqzr9XPn0J437mjwAoCrRccfXODuT0G2JBBJit0SwVZU7uf1vLcGrG3cjnsHFkj81oM08_LtYqmbjHVoqd8gd6k7cdXSrfxiiNF9fbKGnwktrCG5NixUKUsHwoDdApXTLJCpsLM4e4GiHEi8eqKbgpwfKQeOsCxhSYlyjLsL16hy479fiEElCj-IprW20iZPyOpAmP0mmlJY4Nq1oGIxTHBaqJBHNx5410pejwANFQtiQIfi5BI7Q83EjtlzC-St4vEIWEjhLH1zjXks_MhwZRObTxSF_Czr3xIS0ifzQaI6f6nvUK9BNtyLfiaCNzNCI9PtlR3VsUCUo4mhsOW0XvpBN1buTbAe6j-ga_NbPnzMq_Pb34A9O6knumr2ostLhRrBolx8rTMIAp9G0nJsdRbAosWdNAMZRxaIrmWw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D694 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZK89TA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 10:37:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 45E7 0
0 187ms
186ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240129&jk=4073195178198050&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMI5oOUsfmJhAMVUoyFCh306AbiEAAYACCmrJNiQhMI3d3lsPmJhAMVs2MVCB2ibAy-;dc_eps=AHas8cA_BXSgy9o1XPLT3pw831lbtAgcdalp4puN3hP9ZgRXtjjxVv6qAZf76CQfT-V9cLn7BZTzq2c;met=1;acvw=sv%3D960%26v%3D20240117%...
ade.googlesyndication.com/ddm/activity/ Frame 50C8 42 B
401 B 184ms
78ms Image
image/gif 142.250.186.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5oOUsfmJhAMVUoyFCh306AbiEAAYACCmrJNiQhMI3d3lsPmJhAMVs2MVCB2ibAy-;dc_eps=AHas8cA_BXSgy9o1XPLT3pw831lbtAgcdalp4puN3hP9ZgRXtjjxVv6qAZf76CQfT-V9cLn7BZTzq2c;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D617257310%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706783868524;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 50C8 42 B
64 B 88ms
86ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ctz4NenS7Zd24O7PH1fAPotmx8AvpiNbTdfuSv-SdEsKO8q7kQRABIPau5iVglYKAgJgHoAHcxoqJKcgBBakCfjVaqSw7sj6oAwHIA5sEqgSTAk_Qm0OOjFGfHsvFIxv3K38HgXUwM3amBZ2lySPYhdnlT98XALLWW31-AoTKLpOxnvJ61ZAUNxgaryNdV0IzSdJaYNpvGAi_D2JW55ON3rAoKvEwSgFRbk-Sl0KwJQtl6vuQjcklPv64WvVRpXsUThlNJRmPMuEtQ0bgo7ZAiWcr4EI6-BTO9vzJucmRbpsd7I4KoXKFYHm8HFGZ6X537T4BphoOXLtlAXp-SyVcDZfCUqw43E9imArhhQgzYZmCm5u5JMrrFhO7GGKXrECeWDVDMIhA1R-FZDSQDTcsTcYtkw7b7aV04lwJwxKSrcEuhBZCq9MtT0s_1cWqwHYmmkGdNApbKjwDrU5QiZr1afnBRQWewASovI-WzwTgBAOIBYfmgsdNkAYBoAZ2gAfc_troA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMv45LD5iYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE&sigh=A4qOA51I1K8&label=part2viewed&ad_mt=7&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D617257310%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706783868524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706783866596&bpp=14&bdt=1616&idt=288&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&correlator=6890040871582&frm=22&ife=1&pv=2&ga_vid=1508579118.1706783867&ga_sid=1706783867&ga_hid=1192469732&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44808397%2C42532523%2C95322329%2C95320888%2C95321253%2C95323009&oid=2&pvsid=4073195178198050&tmod=426175787&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s1f7j35643h0&fsb=1&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50C8 0
674 B 188ms
86ms Image
image/gif 142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSS9olc2pxZMaU1Q0Eza0HQMFcIFPVhziEGiE2ikq4Pobv7_lFor1S6XEMmZuJjTUYMpOf1zqWCHez_7AVNXj4-fkHUiewjp0w3o5pdzYAWBL4DkFdMjBprm2TChqZnXcv57IrvMgP-xmng1DZT99uwnaBMU2yxVlaAoUviwgiZwXGSCjV20yuLUYA3wtNzpoILGMeL-AyiAlmAVQR0RpEagCbsXGrPx0B6JoWhlQrt7gv5osI-qV7fNRARLb1Sa4hhNOH4_age7-erCrp5-TDS77KNOjmPlY0KbOIHtrxLo2RUTtuQrnK5xV8PVhAeTbd6etaqZu5kx-IAJW_RWTURYuq1yFxhAmXrfucIMXT8Yec-YWotTfSwosMCQ-_36Zs8qAlszmanldIwVuNjwQWGQqvLEQz3TDBkQn4storklQ9_sTIhmj49XJeVnXvSUd5QLSAaQH9mDGImKCRNNnIb_hA0ThBSw8gxnv0baoPvxkN8HuU5M-tmFO_YPaR9NHbG0wHWtSj8_qt-lG8Ay1enSUs-h-ddlL5GS6CyCO3iSKuPQSAr_kYytlstf6CHBYug4lgYxQirhN2JMJU0yU1YBYj9kTkbo8wl7XTC66oe-_c38dffRn-lvTRtryZGs25biQ4-apWPsUod9J_FU90yijTDHf8X1pVw7laIWNYrrT3SYjFDGLMnd1w0c71blZu83UFlkTz_Kg5J7RlRb_n7HK9nNGWtYN9G9x9KystRBuBZUYn6lPMxFq-tY3YS-b046VywCpIhj-HxHjlu-xHnOj26-hlT8J7ugmD6BGYJUuiUyRd43RC0wIaGioQM_F7zrnarVQT05q6BbXohpyQ6kC_hQNWOzzufTz3jdYL60A4IsmdKcjf0kae7gz9N4XJG0H9H6kjFNRfVVXIU8sPfJzpf1R4wcuXH34C8RVBVqvXf1n9PV2CzDzJdqWc5gL90l_w-Fxz1WZ0u6P8tb3w3RW86Sc-GleCrEMheWmLunqTFTI3lcYQJm7kngozLhtnUlTHg4jUC_Vj1peFfg5QhCld015GqjOArzDCMYwFKrYYEQTd8EOR7oe95zRWHqM4cxOOhO6p8lLaxnX3aCHvohM3koQef1BG_qpSw-MijQnTUYRzahRcaFMaA4YkJeummrTKkMVKhbNFXrCHHVuw4KfDjmO9DfmwkYnQ_8Z0_kxhROEje06jQxaxouADMN3cNulutCP7hgzMpPcjdI2zJqnA1X-B37bOlPlqsKmsLTmFcswL9gdj56g6W7tpi2XHL9CFz9mACQHv3TJpkYuzLT182nuoCvSsmlXIRBK-avPcXg&sai=AMfl-YQYfsKBzMnnkV8YXNOygTPu3t2dH3E3-3Wawh-muQeV2Ycbl4jsAV9lMTnf-f4hYyaKHD06f1EhEWnl92xUoCQQg9kqFTngVfjl_YyD3GFY9taq_6UVqTn_KR0Z-Yaq4_JeuxeZ-0-TnHYXtvqoX10W00PWyg_FF5p6tvjuKHqsBJWxV5BUbyoLv1aBeFKDttRWfaE714ha7D_KOVMOCVuQPJki0ZE1E-IbkFiquiVn_5LN0zdNI4yOl_LdDSOTa3AJCaNApvGcZxE0G-t-xDinc1NSZ9LdKDBxEw&sig=Cg0ArKJSzALFs8Kg43EyEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 01 Feb 2024 10:37:48 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 50C8
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEPuL_Y8EGOfCgIACIAEwAQ&v=APEucNVNASZJXtKD3VFkW_cZPF-FeXCJo1xWTRqrpdEpGmyrOR2SpU0NIMS0nJDh5CreDhJLBbxVsoDHrK_YJgHUJRu97iLmNQ
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbt0fNrleTcKX3oD4EQY7QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdvk7uMqT1k1cKIZa9hqw4&google_cver=1

43 B
769 B

71ms
70ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdvk7uMqT1k1cKIZa9hqw4&google_cver=1
Protocol: H3
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eO6pBljVXRRrj1pazZHhJNmKxsapuGeQn5QcjPGKICrXnK%2B%2Blg8qGBoHVZJHYwptD1iYeyoM4MHKAZb5ipnrI8XhT2lJ6GhBkC5hwJz%2FScsBx7f9zgZg6jSUY0Nk35BupHKM9pDExjfMog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84e98fad6d7a266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdvk7uMqT1k1cKIZa9hqw4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C8 0
20 B 187ms
185ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 50C8 42 B
64 B 195ms
193ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_p09Ts3Gs9ACcWeCUdiot2Lxk6j0X34_dqQNYcRL9K9uKFRMtTR78D4iXDaGuikBeZK8E5pCto_7pxR0u5pBNTKGs7Zl-whk6iI2gocCGTghvsec85LzljDcoHP-JVzSOBW5VqBiLOT1R34I7&sai=AMfl-YSDbt9bArTxJNlX12_wTdBnxNk5h9inR9d3jLtqTxYu_pzYLSo6SRJregLZbPj4HivFHtAm8WT91d180mJHHJgB6tDW_WlGNRp_esToJAUC2VQK6fO2M_kAO--6RRzc_7ZUKHHfG90nQ7UIMjrU&sig=Cg0ArKJSzJpS45-U-hriEAE&cid=CAQSTgAvHhf_ELb3CAQKTOrRHoBQJQnRVxm9TqaRFblCN3xZilWq_cz23XRcA1nzixPRNf7AO2rSsXyGSm7YKQgaMwj8ReWOVfsEbAtBMHxwYRgB&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D617257310%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706783868524&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 50C8 42 B
64 B 86ms
84ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ctz4NenS7Zd24O7PH1fAPotmx8AvpiNbTdfuSv-SdEsKO8q7kQRABIPau5iVglYKAgJgHoAHcxoqJKcgBBakCfjVaqSw7sj6oAwHIA5sEqgSTAk_Qm0OOjFGfHsvFIxv3K38HgXUwM3amBZ2lySPYhdnlT98XALLWW31-AoTKLpOxnvJ61ZAUNxgaryNdV0IzSdJaYNpvGAi_D2JW55ON3rAoKvEwSgFRbk-Sl0KwJQtl6vuQjcklPv64WvVRpXsUThlNJRmPMuEtQ0bgo7ZAiWcr4EI6-BTO9vzJucmRbpsd7I4KoXKFYHm8HFGZ6X537T4BphoOXLtlAXp-SyVcDZfCUqw43E9imArhhQgzYZmCm5u5JMrrFhO7GGKXrECeWDVDMIhA1R-FZDSQDTcsTcYtkw7b7aV04lwJwxKSrcEuhBZCq9MtT0s_1cWqwHYmmkGdNApbKjwDrU5QiZr1afnBRQWewASovI-WzwTgBAOIBYfmgsdNkAYBoAZ2gAfc_troA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMv45LD5iYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE&sigh=A4qOA51I1K8&label=vast_creativeview&ad_mt=7&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D617257310%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1706783868524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706783866596&bpp=14&bdt=1616&idt=288&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&correlator=6890040871582&frm=22&ife=1&pv=2&ga_vid=1508579118.1706783867&ga_sid=1706783867&ga_hid=1192469732&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44808397%2C42532523%2C95322329%2C95320888%2C95321253%2C95323009&oid=2&pvsid=4073195178198050&tmod=426175787&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s1f7j35643h0&fsb=1&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50C8 0
54 B 244ms
242ms Ping
image/gif 2800:3f0:4005:410::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=5~ls331ozo&c=8426048003222&slotId=4213024001611&qqid=CN3d5bD5iYQDFbNjFQgdomwMvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1716&mt=video%2Fmp4&vs=576x1024&dm=12000&ple=0&umsem=0&event_name=first_play&asset_bytes=200174&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.18h~ff.18z~videopreviewstarted.193
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:410::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50C8 0
54 B 250ms
249ms Ping
image/gif 2800:3f0:4005:410::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=6~ls331pj5&c=8426048003222&slotId=4213024001611&qqid=CN3d5bD5iYQDFbNjFQgdomwMvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1716&mt=video%2Fmp4&vs=576x1024&dm=12000&met.4=vfl.1db
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:410::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 10:37:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 245B 0
0 192ms
192ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240129&jk=4073195178198050&bg=!MzClMH_NAAa8BdJLnAU7ADQBe5WfOCaVIryd--0m0kc987vjfVLS9cVf3tIIDMhxhep8KJCUa0Zm9_nVHoH4Qsot_mceAgAAAIhSAAAAB2gBB5kC3j5ibOWm76Nann2XrWGz2lk5IfVnyvL9DW5nlFfqZ64Llre0u19G7zs4aHWybEBQbChJxXca11D7OjJ8_i86z2d8xsdQg38QLZRNK590ad0pQOy9o9MhF3NFvhU2WiXLko9m4M-Q0SPrVCeHVi_Lj4edlmZXH71VPdf0_Fe-ILLHftt7nRFJN8ADPRKemAxAekQsWxSTattNw7pu3-w1rSQmUPBzjSfiHyMcsFxluKZNo_ajnVRnquU_gKAcFvSAEEsUeycvxKr1zV4hozoi8I7Sc3i8JGlSeYqnZkiV8T4VN3cB3S4qB_zVyc4OdMZYsaptKw2uLkJ06Yv2aq6cKz50iCa_2a6HL1WYirmxdkVJaR_dNWSEsOKkUgGsyyPYtrrhs9JllSJR1CqY-qlkP55llr3qCDInNoQmJKvpFfJRT108JQgKHsyDFqfjih2xVnq7oIeUz74UeZ7ykiOAxc0IebBW4OfXPc8KuxRUmthB9ZirpNg7h7CVDrcQ3OkRouMyyI2Mo8a1um15yBp4E5G_TSB8inI85idMEQiUcBvE2XXBa_HRq0TCjVnj_GzUuGNR89prTf9LqDWgrLzfGO4ySoRqlSm3BaG4O4pDyZNs-89xtQb0cRBPrtt9BXBdq4uR-fDDvVpwX4Z3u86qUY1kv4IgqTgyyd1WobgftzL6OQLkTeUDUHihouvojWNEniMNSLTdQ31mOthwCP-Y7SBXl5rR90q1oIJoiLwQw8NZ_NBvId2FT9O-1QX19KkxXj3iWvaljp58Y328L6Er9VsQkZWl1oIoN_-v9ELzRMsZdCd9ByI3xRSw-Z2VwHmEaoZrc3RrhMloMJvWF6exkkqmiyvO_nUJfK93xSvWWiGf3VqokADjtLlAJs8V9dYzQeknUjdfo5mrJuZQPPyLDOpp_nLhVZRqeUb9izsERcsMCD4cI4Ms-ABxvs90yVWvlha0llS6gQWg6HWulcd3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Crushed

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 22:25:35	Name: APC Value: AfxxVi7rEhyuaRkGYTE7f_yneJwjTuYKgZ18H7o2Tzya9N-lISo2bg
.doubleclick.net/	1970-01-20 22:25:35	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 03:27:59	Name: IDE Value: AHWqTUnANceEhe-tMTCb0Kcqdr_Ex_iIYwnoZScfMcHhE7-fomcH7UQuTa6kM6a16vQ

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mdnet.com/(Line 10) Message: Mixed Content: The page at 'https://mdnet.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Crushed'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://netbuild.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fisio.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
mdnet.com
myhome.doregi.com
netbuild.com
pagead2.googlesyndication.com
r3---sn-4g5lznl7.c.2mdn.net
tpc.googlesyndication.com
www.google.com
fonts.googleapis.com
1.214.210.188
142.250.185.130
142.250.186.162
142.250.74.194
162.241.225.93
172.64.151.101
2800:3f0:4005:410::2003
2a00:1450:4001:1c::8
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
64.31.42.235
74.125.71.154
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
27b9d1b426ce2e45976a4117790bcd21c17e01dea7cec89a344b508ad58e6858
2866e8917942a3ef4fa7cf6eacd61e51a0534b17134b0d1219a5f1c7f3886bc8
28d967acf7e5730679d181e1c29ec9398eff208af26c9804efe19feee34006fa
2cd4a1345d86097d0cac5b7f0db59dac79e7cc1e119b8b423c74c113bc89f766
2e661a8a5d9c7b6f2c2ca7fd6f579b201e0e4c7e91a217b345df1b166be0fb7c
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
48c288471f78b00a975405c705ce4c92d0ec3799aa8eb710ccc0b1bf55187dd2
4a17de57ff0d2846f11eb8f36da22ff274a6287c05721a866ded33e5942b292b
50a388a3cb17edf16083e560d9490bcf48a75a8d6fd371cb7d7e02c833a9f2a2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c064dfa617485c7e270837185bcd2bedc6cd4040a0c489d27d55af3db6bcc6d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
764ad1ad4f39787a6ee0ac06454d553e90689b4425d3740fa5bfb75185a44cac
79d32ffa90eb532c53ff1cec6b866f121e9d97e37081c17bd9edef5707bb4c82
7d94436c7f97b4e136534f0cb2d5e4b644c04d109b559e1d4171ed48c8b2d6be
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
94a74ed3d4730b1508cd605b3fa682681f9a4008453df0d79e9f830c25ca9744
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99fa4bfe6e3ec56af04a78b75dddcea7601f639092a223afcd458c1e95a78d5e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c590485a14e8b1e00dc94114136086a13581ed1b707375b4dd302e210f0124f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b231912b2b72fcf844900cd10aca692c0e493df179e088953c6342d4db423f
bf9276d0df23457836ed531271ca205acf1a2f258115add13c123509fc3e82e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
ea9cfbf28365f8761d168f469755f5d6cd33d0dd1f5ce366e58d4dc26141fbeb
eec8bd0d2fb1c44bb54b626d273c8210ee2d84ea44c8ba4bfcf336e31f484151
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

netbuild.com Open in urlscan Pro 1.214.210.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

91 %HTTPS

56 %IPv6

11 Domains

19 Subdomains

16 IPs

3 Countries

3621 kBTransfer

4622 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

netbuild.com Open in urlscan Pro
1.214.210.188 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

91 %
HTTPS

56 %
IPv6

11
Domains

19
Subdomains

16
IPs

3
Countries

3621 kB
Transfer

4622 kB
Size

3
Cookies

54 HTTP transactions
1 data transactions