urlscan.io logo urlscan.io
SecurityTrails logo

s0.2mdn.net Open in urlscan Pro
2a00:1450:4001:82b::2006  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Effective URL: https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Submission: On May 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2a00:1450:4001:82b::2006, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is s0.2mdn.net. The Cisco Umbrella rank of the primary domain is 326.
TLS certificate: Issued by WR2 on May 6th 2024. Valid for: 3 months.
This is the only time s0.2mdn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
5 142.250.186.166 15169 (GOOGLE)
7 2
Apex Domain
Subdomains		 Transfer
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 326
142 KB
7 1
Domain Requested by
7 s0.2mdn.net s0.2mdn.net
7 1

This site contains no links.

Subject Issuer Validity Valid
*.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Frame ID: 02716772B861B309D412BE71B96D86B1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html HTTP 307
    https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

142 kB
Transfer

350 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html HTTP 307
    https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/
Redirect Chain
  • http://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
  • https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
143 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d910364af5f2f71b18dcc6f1c6593f98a8ec38bb6d0ebdd7905872eebaa80256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 22 May 2024 17:32:44 GMT
expires
Thu, 22 May 2025 17:32:44 GMT
last-modified
Tue, 23 Apr 2024 20:00:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0

Redirect headers

Location
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Non-Authoritative-Reason
HttpsUpgrades
Enabler_01_250.js
s0.2mdn.net/879366/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 May 2024 07:30:32 GMT
FrutigerLTStd-Light.otf
s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/ 		28 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/FrutigerLTStd-Light.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
9c10c88ed20928a67c7617186630e1da72909034ff10e6b86a03cad1fdcdf8d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 21 May 2025 04:34:12 GMT
date
Tue, 21 May 2024 04:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133112
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20663
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 20:00:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo_postfinance.png
s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/logo_postfinance.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
ae5c3904a661892078838eac3c86085d2bf39bbe9856045e21879da8a9a1a4d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 21 May 2025 14:22:57 GMT
date
Tue, 21 May 2024 14:22:57 GMT
x-content-type-options
nosniff
age
97787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3438
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 20:00:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
POF_Anlegen-24-W1_Stoerer.svg
s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/POF_Anlegen-24-W1_Stoerer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
dd4002df9dc5b2ee5f7495e0bd194bbdf137a8b549550330c29cb51254b45071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 20 May 2025 19:35:01 GMT
date
Mon, 20 May 2024 19:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165463
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1180
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 20:00:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
300x250_Damenbart.jpg
s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/300x250_Damenbart.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
1ea5cb90a6b230d9e8140fd87c2fdd1d71809ba736826e521d194f8734b64057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 21 May 2025 05:14:25 GMT
date
Tue, 21 May 2024 05:14:25 GMT
x-content-type-options
nosniff
age
130699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52375
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 20:00:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
favicon.ico
s0.2mdn.net/ 		1 KB
130 B 		Other
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://s0.2mdn.net/sadbundle/12251892125363370792/1713902421863/index.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 14:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 May 2024 14:31:43 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| __CE_installPolyfill object| WebComponents object| gwd number| STUDIO_SDK_START object| studio object| goog object| studioLoader object| AdobeEdge object| closure_lm_787227 object| Enabler object| mraid object| google_js_reporting_queue function| StudioExports

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0