netbuild.com Open in urlscan Pro
1.214.210.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://i-tax.com/
Effective URL:
http://netbuild.com/
Submission: On May 25 via manual (May 25th 2023, 4:31:58 pm UTC) from MA — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 26 HTTP transactions. The main IP is 1.214.210.188, located in Seoul, Korea, Republic Of and belongs to LGDACOM LG DACOM Corporation, KR. The main domain is netbuild.com.

This is the only time netbuild.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.31.42.235 64.31.42.235	46475 (LIMESTONE...) (LIMESTONENETWORKS)
2	1.214.210.188 1.214.210.188	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
1 10	162.241.225.93 162.241.225.93	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
26	8

1 64.31.42.235 (Modesto, United States) 1 redirects

ASN46475 (LIMESTONENETWORKS, US)
PTR: 235-42-31-64.static.reverse.lstn.net

i-tax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 1.214.210.188 (Seoul, Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

netbuild.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myhome.doregi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.241.225.93 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5253.bluehost.com

mdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mdnet.com 1 redirects mdnet.com	147 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	204 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	5 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9037	532 B
1	doregi.com myhome.doregi.com	476 B
1	netbuild.com netbuild.com	938 B
1	i-tax.com 1 redirects i-tax.com	220 B
0	googleapis.com Failed fonts.googleapis.com Failed
26	9

	Domain	Requested by
10	mdnet.com	1 redirects netbuild.com mdnet.com
6	pagead2.googlesyndication.com	mdnet.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	myhome.doregi.com	netbuild.com
1	netbuild.com
1	i-tax.com	1 redirects
0	fonts.googleapis.com Failed	mdnet.com
26	11

This site contains no links.

Subject Issuer	Validity	Valid
cpcontacts.mdnet.com R3	`2023-05-21` - `2023-08-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://netbuild.com/
Frame ID: A8DB13B1C4FC7A0F6BDA5E2DDF141501
Requests: 1 HTTP requests in this frame

Frame: https://mdnet.com/
Frame ID: 1A0B7E693DC6F9C1E38136F2B388A8D7
Requests: 17 HTTP requests in this frame

Frame: http://myhome.doregi.com/counter/counter.php?remote_ip=217.64.151.67&remote_ref=&server_name=netbuild.com
Frame ID: 3E72DABAE7D52D0D4DE783FAC62B641B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/zrt_lookup.html
Frame ID: 77861EF7F05CA8984EFB0FD8195E349C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1685032315629&bpp=5&bdt=746&idt=176&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&correlator=7286320002709&frm=22&ife=1&pv=2&ga_vid=1226524977.1685032316&ga_sid=1685032316&ga_hid=2032416677&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31074687%2C31074754%2C44772268%2C44785294%2C44788442%2C44792646&oid=2&pvsid=1707499136089785&tmod=1403012785&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.1f01q0yph9kq&fsb=1&xpc=cHyyRQEoHm&p=https%3A//mdnet.com&dtd=193
Frame ID: 25A502D5AD94437BA36BFB64CD35AFCD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBDD688CCC4C5762E03F259BB1975941
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBDF244404A6C4345BF4DB0A5CB8737F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

netbuild.com

Page URL History Show full URLs

http://i-tax.com/ HTTP 301
http://netbuild.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

88 %
HTTPS

63 %
IPv6

9
Domains

11
Subdomains

8
IPs

3
Countries

359 kB
Transfer

889 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://i-tax.com/ HTTP 301
http://netbuild.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mdnet.com/ HTTP 301
https://mdnet.com/

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
netbuild.com/
Redirect Chain

http://i-tax.com/
http://netbuild.com/

722 B
938 B

1299ms
240ms

Document
text/html

1.214.210.188
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: http://netbuild.com/
Protocol: HTTP/1.1
Server: 1.214.210.188 Seoul, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache / PHP/5.3.10
Resource Hash: e98dc7b52904ccb5db6e8dc671e976bb359cc155588d55622005514a5205513f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 722
Content-Type: text/html; charset=EUC-KR
Date: Thu, 25 May 2023 16:31:53 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
X-Powered-By: PHP/5.3.10

Redirect headers

Connection: close
Content-Type: text/html
Date: Thu, 25 May 2023 18:37:58 GMT
Location: http://netbuild.com
Server: Apache/1.3.37 (Unix) mod_forward_0_3
Transfer-Encoding: chunked

GET
H2

200

/ Show response
mdnet.com/ Frame 1A0B
Redirect Chain

http://mdnet.com/
https://mdnet.com/

5 KB
2 KB

536ms
185ms

Document
text/html

162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/
Requested by: Host: netbuild.com
URL: http://netbuild.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: bf9276d0df23457836ed531271ca205acf1a2f258115add13c123509fc3e82e7

Request headers

Referer: http://netbuild.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1682
content-type: text/html
date: Thu, 25 May 2023 16:31:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 02 Jul 2021 01:57:26 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 226
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 25 May 2023 16:31:54 GMT
Keep-Alive: timeout=5, max=75
Location: https://mdnet.com/
Server: Apache

GET
H/1.1 200
OK counter.php Show response
myhome.doregi.com/counter/ Frame 3E72 260 B
476 B 866ms
277ms Document
text/html 1.214.210.188
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: http://myhome.doregi.com/counter/counter.php?remote_ip=217.64.151.67&remote_ref=&server_name=netbuild.com
Requested by: Host: netbuild.com
URL: http://netbuild.com/
Protocol: HTTP/1.1
Server: 1.214.210.188 Seoul, Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache / PHP/5.3.10
Resource Hash: 27b9d1b426ce2e45976a4117790bcd21c17e01dea7cec89a344b508ad58e6858

Request headers

Referer: http://netbuild.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 260
Content-Type: text/html; charset=EUC-KR
Date: Thu, 25 May 2023 16:31:54 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
X-Powered-By: PHP/5.3.10

GET
H2 200 main.css
mdnet.com/css/ Frame 1A0B 2 KB
1014 B 192ms
191ms Stylesheet
text/css 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/css/main.css
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 7d94436c7f97b4e136534f0cb2d5e4b644c04d109b559e1d4171ed48c8b2d6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:54 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 981

GET
H2 200 styles.css
mdnet.com/css/ Frame 1A0B 4 KB
1 KB 366ms
365ms Stylesheet
text/css 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/css/styles.css
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: ea9cfbf28365f8761d168f469755f5d6cd33d0dd1f5ce366e58d4dc26141fbeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:54 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:18 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1399

GET
H2 200 mediaqueries.css
mdnet.com/css/ Frame 1A0B 1 KB
570 B 187ms
186ms Stylesheet
text/css 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/css/mediaqueries.css
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 48c288471f78b00a975405c705ce4c92d0ec3799aa8eb710ccc0b1bf55187dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:54 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 507

GET
H2 200 jquery.js Show response
mdnet.com/js/ Frame 1A0B 242 KB
92 KB 360ms
359ms Script
application/javascript 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/js/jquery.js
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 5c064dfa617485c7e270837185bcd2bedc6cd4040a0c489d27d55af3db6bcc6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:54 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 main.js Show response
mdnet.com/js/ Frame 1A0B 1008 B
514 B 186ms
186ms Script
application/javascript 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mdnet.com/js/main.js
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 28d967acf7e5730679d181e1c29ec9398eff208af26c9804efe19feee34006fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:54 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 01:57:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 441

GET
H2 200 banner-img.jpg
mdnet.com/img/ Frame 1A0B 48 KB
48 KB 335ms
335ms Image
image/jpeg 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdnet.com/img/banner-img.jpg
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 2cd4a1345d86097d0cac5b7f0db59dac79e7cc1e119b8b423c74c113bc89f766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:55 GMT
last-modified: Fri, 02 Jul 2021 01:57:19 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 48893
content-type: image/jpeg

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1A0B 136 KB
47 KB 107ms
70ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mdnet.com
URL: https://mdnet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d38e4f4bc4a767066bec63e03a892017b817b33b7b4eaf8e697e52e82ac10e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47354
x-xss-protection: 0
server: cafe
etag: 11252718080308100075
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 May 2023 16:31:55 GMT

GET css
fonts.googleapis.com/ Frame 1A0B 0
0

GET
H2 200 body-pattern.png
mdnet.com/img/ Frame 1A0B 945 B
1007 B 180ms
179ms Image
image/png 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdnet.com/img/body-pattern.png
Requested by: Host: mdnet.com
URL: https://mdnet.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: b4b231912b2b72fcf844900cd10aca692c0e493df179e088953c6342d4db423f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:55 GMT
last-modified: Fri, 02 Jul 2021 01:57:22 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 945
content-type: image/png

GET
H2 200 nav-bg.png
mdnet.com/img/ Frame 1A0B 943 B
997 B 180ms
180ms Image
image/png 162.241.225.93
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdnet.com/img/nav-bg.png
Requested by: Host: mdnet.com
URL: https://mdnet.com/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.225.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5253.bluehost.com
Software: Apache /
Resource Hash: 94a74ed3d4730b1508cd605b3fa682681f9a4008453df0d79e9f830c25ca9744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:55 GMT
last-modified: Fri, 02 Jul 2021 01:57:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 943
content-type: image/png

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ Frame 1A0B 354 KB
120 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5619872076330108&plah=mdnet.com&bust=31074754

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3757aa26378eafb669739e324552078f5fbc9fba252af37010fe2f9710d46b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122569
x-xss-protection: 0
server: cafe
etag: 7249938177359343623
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 May 2023 16:31:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/ Frame 7786 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:10:54 GMT
etag: 15057649708203361565
expires: Thu, 08 Jun 2023 13:10:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1A0B 107 B
532 B 73ms
26ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5619872076330108&plah=mdnet.com&bust=31074754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1A0B 107 B
457 B 49ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mdnet.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25A5 430 B
409 B 242ms
241ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5619872076330108&output=html&h=280&slotname=5068305277&adk=903608056&adf=1396875388&pi=t.ma~as.5068305277&w=920&fwrn=16&fwrnh=100&lmt=1625191046&rafmt=1&format=920x280&url=https%3A%2F%2Fmdnet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1685032315629&bpp=5&bdt=746&idt=176&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&correlator=7286320002709&frm=22&ife=1&pv=2&ga_vid=1226524977.1685032316&ga_sid=1685032316&ga_hid=2032416677&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=584989944&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31074687%2C31074754%2C44772268%2C44785294%2C44788442%2C44792646&oid=2&pvsid=1707499136089785&tmod=1403012785&uas=0&nvt=1&top=http%3A%2F%2Fnetbuild.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.1f01q0yph9kq&fsb=1&xpc=cHyyRQEoHm&p=https%3A//mdnet.com&dtd=193

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff89389843198c446992610bc0ee3bb6c3c016620283d5359c40721b0adaed62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 16:31:56 GMT
expires: Thu, 25 May 2023 16:31:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1A0B 14 KB
11 KB 79ms
59ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230522&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e2dcb7441d0df5657bce459e54d3f835f134bd70b1eb276a182737ce7adf9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11096
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1A0B 17 KB
7 KB 104ms
81ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 May 2023 16:31:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBDD 13 KB
5 KB 13ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:35:48 GMT
expires: Fri, 24 May 2024 13:35:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EBDF 783 B
1 KB 48ms
20ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96eca2329f1243c0e6bb003f5a1b1f4c4f3f0a289eba098ddbd23766c2a6124e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c7OLD9OLqqo-dQ6mHeM6pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-c7OLD9OLqqo-dQ6mHeM6pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 16:31:56 GMT
expires: Thu, 25 May 2023 16:31:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame BBDD 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 20:55:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBDF 0
0 40ms
40ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230522&jk=1707499136089785&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BBDD 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AyZNEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 16:31:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A0B 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230522&jk=1707499136089785&bg=!xcalxpLNAAZ8_aWmXP07ADkAdvg8Wrk_-coiBGFhKEd7NsuLHjFYysLCb0dx1b5vH_zUmwaGNcT8osWWCX0h-ND8KfrVmcU8rZsCAAAATFIAAAACaAEHCgCUCqu6BtcSM47mTWbY0v61cuFTf_nwt-vsB15OCK9jWC44l9Q4f9UFmBrslbssNC71OHhKrmkymggnzeuGEoDUljB8NcO750lZQCKbo79-dxEScJb8URxOpFzJ-FWclROogxV7jQyXs982Y1aycvgrymYTjwpucaz5Gt4VA9mdPjvjS_Mp2fIKBvQPSikPusWefXm8V5kCtiVWAlWgrL9fhpQpedBjyXNxy9xASSJcY4z2cpJyDyzVadRaD7sudmaN_i6AvR8Z0K-Sx0UM2MTNGgB86rA5fWR9fHI3bAf1d8WGB3KyqYYkSIBDpr8dgeT2E5YRlqylkGuHbM_eHfW38vgTg2H3v_zFuo34iH-IadwlNSLvV3KdE60fu-94GyWW1Li7XJZ8ImW3i-atTFWTUwhXtkCZjgx681S-JZfjmHlkX07z0--TIyENqGR-Bzi7km6CfQykvOk0hF8z-l99Js5-h5BHMNyQSF9zOE7h5Xm6yK7o8sLsDy-rgDMOHEpBSoGC_IunmZPpVHP1hFQNSdsL89IMklOg0AkRN0G5d4Y9Re_8xJmUHGNP8xLTmpZGbOkKOH_iACPXSuX1uSSTIhK6Hp2pGt56ZG7sg6755tCmXIXIPtdt26QInkzgpXpgZ6rBvpqrAp5WrJMwdquMN_F790wx_Y4WFX8GkFM2N4EC5QgVx31tFDg8Ig4Pw3pRUkDDxtNo3IfS_0jWuFjLtuwh9uJJ38S7XP_mK9o1vZ3mkngNSA2MQJoSYyA1cuTcvQjNiC57t0XbAwi0O54eWBkmkfOKbXrXCnnag4MN4x1xht0wnzWPYaVQzH237cKWHU3QJgGskP4POL5M1O-BXscYvOG7WSnlgR5OLRmn2JQ13KmAigZ9qxeLRJqZfkPhc5TvWaOq0o20_bvsmrJwLK6d64UQlN4h1oX9kIqvtH6NBInGjNXs6olVbpnfe-orDmcC8CQx0Jx6j0YzBruAxX2u_GhP4zqeWr6h9_JH9SumFwAqzJmgEiBU95g96eOSS84nDyGhR4jSdtA3afMeFi45gDu-TWw2Ye54JY7d48CCv7n7HqZ_IuVkg_vWAfAfRxxoeI3cTcem3Vxrj5LsTWxlezLOd72nuG7ZtVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Crushed

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 12:03:53	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mdnet.com/(Line 10) Message: Mixed Content: The page at 'https://mdnet.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Crushed'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
googleads.g.doubleclick.net
i-tax.com
mdnet.com
myhome.doregi.com
netbuild.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
fonts.googleapis.com
1.214.210.188
162.241.225.93
2a00:1450:4001:811::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
64.31.42.235
27b9d1b426ce2e45976a4117790bcd21c17e01dea7cec89a344b508ad58e6858
28d967acf7e5730679d181e1c29ec9398eff208af26c9804efe19feee34006fa
2cd4a1345d86097d0cac5b7f0db59dac79e7cc1e119b8b423c74c113bc89f766
3757aa26378eafb669739e324552078f5fbc9fba252af37010fe2f9710d46b0f
3d38e4f4bc4a767066bec63e03a892017b817b33b7b4eaf8e697e52e82ac10e9
48c288471f78b00a975405c705ce4c92d0ec3799aa8eb710ccc0b1bf55187dd2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c064dfa617485c7e270837185bcd2bedc6cd4040a0c489d27d55af3db6bcc6d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
7d94436c7f97b4e136534f0cb2d5e4b644c04d109b559e1d4171ed48c8b2d6be
94a74ed3d4730b1508cd605b3fa682681f9a4008453df0d79e9f830c25ca9744
96eca2329f1243c0e6bb003f5a1b1f4c4f3f0a289eba098ddbd23766c2a6124e
9e2dcb7441d0df5657bce459e54d3f835f134bd70b1eb276a182737ce7adf9e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b4b231912b2b72fcf844900cd10aca692c0e493df179e088953c6342d4db423f
bf9276d0df23457836ed531271ca205acf1a2f258115add13c123509fc3e82e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98dc7b52904ccb5db6e8dc671e976bb359cc155588d55622005514a5205513f
ea9cfbf28365f8761d168f469755f5d6cd33d0dd1f5ce366e58d4dc26141fbeb
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ff89389843198c446992610bc0ee3bb6c3c016620283d5359c40721b0adaed62

netbuild.com Open in urlscan Pro 1.214.210.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

88 %HTTPS

63 %IPv6

9 Domains

11 Subdomains

8 IPs

3 Countries

359 kBTransfer

889 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

netbuild.com Open in urlscan Pro
1.214.210.188 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

88 %
HTTPS

63 %
IPv6

9
Domains

11
Subdomains

8
IPs

3
Countries

359 kB
Transfer

889 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions