portableapps.com Open in urlscan Pro
104.239.166.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2...
Submission Tags: falconsandbox
Submission: On August 28 via api (August 28th 2022, 4:51:50 pm UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 11 domains to perform 90 HTTP transactions. The main IP is 104.239.166.87, located in United States and belongs to RACKSPACE, US. The main domain is portableapps.com. The Cisco Umbrella rank of the primary domain is 227212.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 1st 2022. Valid for: a year.

This is the only time portableapps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	104.239.166.87 104.239.166.87	27357 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
11	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:80a::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e::9	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
90	22

9 104.239.166.87 (United States)

ASN27357 (RACKSPACE, US)
PTR: portableapps.com

portableapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn2.portableapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hnekn76.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	424 KB
20	portableapps.com portableapps.com — Cisco Umbrella Rank: 227212 cdn2.portableapps.com — Cisco Umbrella Rank: 558797	131 KB
12	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 bid.g.doubleclick.net — Cisco Umbrella Rank: 474	112 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com	86 KB
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 5695 adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 imasdk.googleapis.com — Cisco Umbrella Rank: 440	130 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 970 r4---sn-5hnekn76.c.2mdn.net — Cisco Umbrella Rank: 439870	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	87 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	643 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	72 KB
90	11

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	portableapps.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	cdn2.portableapps.com	portableapps.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net portableapps.com
9	portableapps.com	portableapps.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	portableapps.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	r4---sn-5hnekn76.c.2mdn.net	googleads.g.doubleclick.net portableapps.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	portableapps.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	portableapps.com
90	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
rareideas.com

Subject Issuer	Validity	Valid
portableapps.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-01` - `2023-01-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-08-16` - `2022-10-25`	2 months	crt.sh

This page contains 13 frames:

Primary Page: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
Frame ID: D5AD3EB1323D877EB94BE464B0615AC6
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 4924F65EB7F12D4AE3CEAF8BD467C2B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=2295297607&adk=3607957652&adf=1477126531&pi=t.ma~as.2295297607&w=873&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=873x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506107&bpp=3&bdt=736&idt=205&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&correlator=3059453056081&frm=20&pv=2&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=557&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8VxS3xee4q&p=https%3A//portableapps.com&dtd=219
Frame ID: 6767900E6B7D5C52DD1E67B8E196B70A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=6323406103&adk=2386168346&adf=4140416920&pi=t.ma~as.6323406103&w=728&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506110&bpp=1&bdt=738&idt=222&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=873x280&correlator=3059453056081&frm=20&pv=1&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WdBGAZ5QWP&p=https%3A//portableapps.com&dtd=225
Frame ID: DFD2DD0262157BDA8D4358F9A4D588C1
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&adk=1812271804&adf=3025194257&lmt=1661705504&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506120&bpp=1&bdt=749&idt=218&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=873x280%2C728x280&nras=1&correlator=3059453056081&frm=20&pv=1&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=224
Frame ID: 20416505F72CDE0DBBE58A1D30C314AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: E4458548606C67CF1E738E436171D095
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E08AA9B3992D485967EB916535E396AD
Requests: 2 HTTP requests in this frame

Frame: https://p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 7AD342978069A2E3061C8E6776ECF8DC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 624048D3A3F8D02B28E97471C57930DD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: E02580BEEEB8E52474B42E1632C1434C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: 06E56B42E6CDC2BDE800FB4B92BE2C1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9718ACC98EE573A3B4AB128483D3DD40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 543A77D288767F1FB4912A3569D30126
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downloading | PortableApps.com

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

90
Requests

99 %
HTTPS

82 %
IPv6

11
Domains

23
Subdomains

22
IPs

4
Countries

1044 kB
Transfer

2861 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portableapps

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/portableapps

Search URL Search Domain Scan URL

URL: https://twitter.com/PortableApps

Search URL Search Domain Scan URL

URL: http://rareideas.com/
Title: Rare Ideas, LLC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://gcdn.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/444F0617F183F4F36CCAFC43BD6400A36B3E08EB.A888DF8C2B80A4B4615279B59F8A1ED772FBC77D/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-5hnekn76.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0F484BC29FDD626236DE080F4D7CA2455B477DFF.76F1BBD305685920600313519A70C3CCE7342C90/key/cms1/cms_redirect/yes/mh/3l/mip/2a03:1b20:6:f011::8e/mm/42/mn/sn-5hnekn76/ms/onc/mt/1661704601/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

90 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
portableapps.com/downloading/ 36 KB
10 KB 777ms
451ms Document
text/html 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

445d226f5f9d3105e57ee8658698153c8334983101ba57e3363b164bf4291350

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Language: en
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Aug 2022 16:51:44 GMT
Etag: "1661705504-1"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Keep-Alive: timeout=1, max=300
Last-Modified: Sun, 28 Aug 2022 16:51:44 GMT
Link: <https://portableapps.com/downloading>; rel="canonical",<https://portableapps.com/node/58229>; rel="shortlink"
Permissions-Policy: interest-cohort=()
Server: Apache
Transfer-Encoding: chunked
Vary: Cookie,Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Drupal-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 7 (https://www.drupal.org)

GET
H/1.1 200
OK css__BnakMdQ573nEOdLa19sa3E06qWBGAXD0JjA1j7d3Jwc__pugRKemn-c32oTRK1f9w4sl14_kgQl19IlL2-8OxI0Q__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css
portableapps.com/files/advagg_css/ 9 KB
3 KB 110ms
101ms Stylesheet
text/css 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/files/advagg_css/css__BnakMdQ573nEOdLa19sa3E06qWBGAXD0JjA1j7d3Jwc__pugRKemn-c32oTRK1f9w4sl14_kgQl19IlL2-8OxI0Q__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css

Requested by

Host: portableapps.com
URL: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

dae6a6ed6dddbc3fe372c61c04a100a7d5d4980faf2a56af1691e66a471d6dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:56:42 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31449600, no-transform, public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=299
Content-Length: 2512
Expires: Sun, 27 Aug 2023 16:51:45 GMT

GET
H/1.1 200
OK css__rQ1alF2wtRJheC4MwbTGQHhDW1u3JWtM73MeXej8ZCI__fhvJVXXQ_0VSZPsugyxWP4moufN-95EZrJc4g5Xp1vE__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css
portableapps.com/files/advagg_css/ 186 B
568 B 210ms
99ms Stylesheet
text/css 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/files/advagg_css/css__rQ1alF2wtRJheC4MwbTGQHhDW1u3JWtM73MeXej8ZCI__fhvJVXXQ_0VSZPsugyxWP4moufN-95EZrJc4g5Xp1vE__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

96dce0e0b24f4f567b49dbf2e2e6352aa45b863ce7b2043835013dfc572fbe81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:56:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31449600, no-transform, public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=298
Content-Length: 141
Expires: Sun, 27 Aug 2023 16:51:45 GMT

GET
H/1.1 200
OK css__TGj7oDTlCOezYhm81MCiKH1W_xM696j-fpnAXKZSsIY__RxkqJATva13SqTo9aBuJU64_Du0yiZY28KGnAYxpDx4__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css
portableapps.com/files/advagg_css/ 48 KB
11 KB 284ms
96ms Stylesheet
text/css 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/files/advagg_css/css__TGj7oDTlCOezYhm81MCiKH1W_xM696j-fpnAXKZSsIY__RxkqJATva13SqTo9aBuJU64_Du0yiZY28KGnAYxpDx4__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

7a1f8774ffb81cbd36edbf3e9ec297e8bf6bba34245c668d4a280b99806b75e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Jun 2022 04:52:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31449600, no-transform, public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=300
Content-Length: 10553
Expires: Sun, 27 Aug 2023 16:51:45 GMT

GET
H/1.1 200
OK js__8f53zM83kRCHEvlZoBGEccIPj2mfXDrN5IBwx4zoCrk__wTdp5V_1QAOL2ddKq4b10V8V9MczzEEyzF_qxXdr9PA__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.js Show response
portableapps.com/files/advagg_js/ 90 KB
31 KB 286ms
98ms Script
application/javascript 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/files/advagg_js/js__8f53zM83kRCHEvlZoBGEccIPj2mfXDrN5IBwx4zoCrk__wTdp5V_1QAOL2ddKq4b10V8V9MczzEEyzF_qxXdr9PA__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

7a622e2c6d7717fe17fd955569bc17b8d9f4277ff21157940ae4570070748b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:56:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31449600, no-transform, public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=300
Content-Length: 31258
Expires: Sun, 27 Aug 2023 16:51:45 GMT

GET
H/1.1 200
OK js__kdVhQPj3OgOskkZOKw4sLaoXuYovw38VZUfOh-1OpW8__iJsjrZjbZJi6uimUKYM_mffAnKdxN-vK-dfVtkGkDiw__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.js Show response
portableapps.com/files/advagg_js/ 36 KB
8 KB 292ms
100ms Script
application/javascript 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/files/advagg_js/js__kdVhQPj3OgOskkZOKw4sLaoXuYovw38VZUfOh-1OpW8__iJsjrZjbZJi6uimUKYM_mffAnKdxN-vK-dfVtkGkDiw__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

f519899f704cfaf407aefa4f1d2776d0543c7b47158e1d8739b498012ce2c249

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 09 Feb 2022 19:55:02 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31449600, no-transform, public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=300
Content-Length: 8210
Expires: Sun, 27 Aug 2023 16:51:45 GMT

GET
H/1.1 200
OK js__QlQqMgmDAmHO84OmeKenjzFgqAqkQXeGGs3pHhlPkXY__eitKXnpP_u8SSbRy74CiHIgk-4GeMZrNlM6OJigkukY__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.js Show response
portableapps.com/files/advagg_js/ 872 B
886 B 294ms
102ms Script
application/javascript 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/files/advagg_js/js__QlQqMgmDAmHO84OmeKenjzFgqAqkQXeGGs3pHhlPkXY__eitKXnpP_u8SSbRy74CiHIgk-4GeMZrNlM6OJigkukY__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

63ae85fe638fa31f504e079a6c5362cd89fb71684602f4e7d5695a71f0186c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:56:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31449600, no-transform, public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=300
Content-Length: 445
Expires: Sun, 27 Aug 2023 16:51:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 154ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WHB3ZZ535L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3ead6038b152a2ea016c9a7582fc94089766dcd34cd5b89c4ebce9197b7f4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72808
x-xss-protection: 0
expires: Sun, 28 Aug 2022 16:51:45 GMT

GET
H2 200 _theme_header_logo_white_414x60-2.png
cdn2.portableapps.com/ 3 KB
4 KB 197ms
28ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_theme_header_logo_white_414x60-2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

0c3947c998c161d13363e41fb655cb07088ce03892929fb4eb04f7a067384733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:38 GMT
x-amz-request-id: tx00000000000002bda727d-00630b9c2e-34c6886a-nyc3b
etag: "a9fdcc774e611777ad957836d5c2c5e9"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds306.am5.c
content-type: image/png
cache-control: max-age=357
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3444

GET
H2 200 _icon_-_facebook_white_20v3.png
cdn2.portableapps.com/ 271 B
456 B 192ms
31ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_facebook_white_20v3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

f3072b13a84412162408ce4cc3a766946ecb338bf4cf30a3376e29896ed6f2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:32 GMT
x-amz-request-id: tx000000000000028e6342d-00630b9d19-34c5ae65-nyc3b
etag: "e6b28f9cd8bbe2795ef3f37b79fc9656"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds242.am5.c
content-type: image/png
cache-control: max-age=592
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 271

GET
H2 200 _icon_-_linkedin_white_20v3.png
cdn2.portableapps.com/ 309 B
494 B 189ms
29ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_linkedin_white_20v3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4e6569e86deba2b47f9afce6d977d527f9ce1cd37c9f5d9354b56149fde7d217

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:33 GMT
x-amz-request-id: tx000000000000028e0c5de-00630b9b2c-34c5ae65-nyc3b
etag: "a9377ea2dafe6e037762e52a87a42103"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds120.am5.c
content-type: image/png
cache-control: max-age=99
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 309

GET
H2 200 _icon_-_twitter_white_20v3.png
cdn2.portableapps.com/ 363 B
540 B 192ms
31ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_twitter_white_20v3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

f2bf9e4126d80ae31cd143c8aa5eb99aab62d1f4c2a4c943efb659f885850bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:34 GMT
x-amz-request-id: tx00000000000002bd976c6-00630b9bd8-34c6886a-nyc3b
etag: "4b6e05acaaa978545b41a5cbe9fb003e"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds011.am5.c
content-type: image/png
cache-control: max-age=271
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 363

GET
H2 200 _icon_-_rss_white_20v3.png
cdn2.portableapps.com/ 447 B
625 B 539ms
379ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_rss_white_20v3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1c48ed9cea2b4bb5ac4be85e747ee6e856ac5483375f15d5952c4753c6c3559c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:46 GMT
last-modified: Thu, 23 Sep 2021 17:34:34 GMT
x-amz-request-id: tx000000000000028e64cb7-00630b9d22-34c5ae65-nyc3b
etag: "633bf578434eaf6b725e0a824f1b8419"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705506.cds145.am5.pr
content-type: image/png
cache-control: max-age=600
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 447

GET
H2 200 _icon_-_newsletter_white_20v3.png
cdn2.portableapps.com/ 326 B
504 B 529ms
369ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_newsletter_white_20v3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

8d180125c4da5da4436f35ac4155c5342de07e2467f5a37b8b3f66e9ed9b2088

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:46 GMT
last-modified: Thu, 23 Sep 2021 17:34:33 GMT
x-amz-request-id: tx00000000000002bdd3e32-00630b9d22-34c6886a-nyc3b
etag: "7537d2a688b68e8b2503cfc11a9ab547"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705506.cds232.am5.pr
content-type: image/png
cache-control: max-age=600
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 326

GET
H2 200 FirefoxPortableLegacy52_128.png
cdn2.portableapps.com/ 43 KB
44 KB 444ms
353ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/FirefoxPortableLegacy52_128.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

9e84b8451e181d4237d7357dbe138adbf14db2209b63d02728d577ea6efa9d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:46 GMT
last-modified: Thu, 23 Sep 2021 17:35:07 GMT
x-amz-request-id: tx000000000000028e64ca2-00630b9d22-34c5ae65-nyc3b
etag: "62a92d28542e5451ea03dcbabe69e759"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705506.cds124.am5.pr
content-type: image/png
cache-control: max-age=600
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 44488

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 229ms
128ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0235792cfae40ba5323b0cb3a62c0e88033c9bb98e05179e47abfc0eb52bca1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57624
x-xss-protection: 0
server: cafe
etag: 15517495466816201487
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:51:45 GMT

GET
H2 200 _icon_-_community_white_20v3.png
cdn2.portableapps.com/ 634 B
819 B 118ms
27ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_community_white_20v3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

c243f674add92a6c59b55a85415fd3d8eda0ec138a412d2c1b862e58f6cb994e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:31 GMT
x-amz-request-id: tx000000000000028dfc437-00630b9ad6-34c5ae65-nyc3b
etag: "2b47f1b609a7064a26ddd1360b203312"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds222.am5.c
content-type: image/png
cache-control: max-age=13
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 634

GET
H2 200 _icon_-_forum_white_20v3.png
cdn2.portableapps.com/ 319 B
504 B 117ms
26ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_forum_white_20v3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

cff6e08a97cb895a7b49908f4eb917d0581d08cc46d43169f1096476f3fe0c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:32 GMT
x-amz-request-id: tx000000000000028e50de6-00630b9cb0-34c5ae65-nyc3b
etag: "ccf4c9b91a149ff21bfd65744d2ccbba"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds226.am5.c
content-type: image/png
cache-control: max-age=487
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 319

GET
H/1.1 200
OK css__CBkOrg6FzpVqr5pfkvBT8sOOPO96CEgYJBIv_QUbmx4__uC8VjGt0CzYsAjeHBx0VCBaJjRhKKVKeL6kEBjUDHUk__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css
portableapps.com/files/advagg_css/ 480 B
704 B 98ms
97ms Stylesheet
text/css 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://portableapps.com/files/advagg_css/css__CBkOrg6FzpVqr5pfkvBT8sOOPO96CEgYJBIv_QUbmx4__uC8VjGt0CzYsAjeHBx0VCBaJjRhKKVKeL6kEBjUDHUk__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

1956bc1e1bc18fa09ba109e05e467e0ee71841ffa5ed5edfd6f2f916e83b5e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 20:56:44 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31449600, no-transform, public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=299
Content-Length: 277
Expires: Sun, 27 Aug 2023 16:51:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 130ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,400italic,700,700italic&subset=latin,greek,cyrillic

Requested by

Host: portableapps.com
URL: https://portableapps.com/files/advagg_css/css__TGj7oDTlCOezYhm81MCiKH1W_xM696j-fpnAXKZSsIY__RxkqJATva13SqTo9aBuJU64_Du0yiZY28KGnAYxpDx4__-R0dSJBSw22qD6aXn5ev5_yoP2RSG6XTmUpaFBCRjUY.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

189f0747e2846498eaa4964cdf4c77fc6805829602191ce25579021950199d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 16:51:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Aug 2022 16:51:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Aug 2022 16:51:45 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,400italic,700,700italic&subset=latin,greek,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portableapps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:55:14 GMT
x-content-type-options: nosniff
age: 345391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 16:55:14 GMT

GET
H2 200 _icon_-_search.png
cdn2.portableapps.com/ 717 B
1 KB 145ms
22ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_icon_-_search.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

88d6b85f9767156e76bffe17ce7d268995719ba35ff33b3f08816409707f3ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:34 GMT
x-amz-request-id: tx00000000000002bd976c9-00630b9bd8-34c6886a-nyc3b
etag: "eed6c6f32b476eb0daca4350e951812a"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds304.am5.c
content-type: image/png
cache-control: max-age=271
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 717

GET
H2 200 P5sCzZCDf9_T_10c9CNkiA.woff2
fonts.gstatic.com/s/arimo/v27/ 20 KB
20 KB 133ms
53ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sCzZCDf9_T_10c9CNkiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,400italic,700,700italic&subset=latin,greek,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a0c65a5a1136016574709e8be949cade2cee78fb2bbea201636577304ebef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portableapps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 15:47:25 GMT
x-content-type-options: nosniff
age: 90260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20164
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:16:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Aug 2023 15:47:25 GMT

GET
H/1.1 200
OK 16l.png
portableapps.com/sites/all/modules/gtranslate/gtranslate-files/ 13 KB
13 KB 99ms
99ms Image
image/png 104.239.166.87
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portableapps.com/sites/all/modules/gtranslate/gtranslate-files/16l.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.166.87 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

portableapps.com

Software

Apache /

Resource Hash

2d25f258e2a3b7f891c9deb4bd2801272c342adc6e644aada9789ef2a11ee504

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/downloading/?a=FirefoxPortableLegacy52&n=Mozilla%20Firefox%2C%20Portable%20Edition%20Legacy%20%2052&s=s&p&d=pa&f=FirefoxPortableLegacy52_52.9.0_English.paf.exe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 11 Sep 2016 01:46:08 GMT
Server: Apache
ETag: "1045e6-3380-53c318b149800"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=299
Content-Length: 13184
Expires: Sun, 11 Sep 2022 16:51:45 GMT

GET
H2 200 _element_-_buttons.png
cdn2.portableapps.com/ 409 B
596 B 115ms
25ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.portableapps.com/_element_-_buttons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1997f763b02ae0dd5e47e15989861139503e5eb8351d9d6cd4c3e44d2559b93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:45 GMT
last-modified: Thu, 23 Sep 2021 17:34:26 GMT
x-amz-request-id: tx00000000000002bd8738c-00630b9b80-34c6886a-nyc3b
etag: "68800d14372685e6367cf987d4b6d116"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1661705505.dop247.am5.t,1661705505.cds276.am5.hn,1661705505.cds217.am5.c
content-type: image/png
cache-control: max-age=183
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 409

POST
H2 204 collect
region1.analytics.google.com/g/ 0
338 B 117ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WHB3ZZ535L&gtm=2oe8o0&_p=1723500416&_gaz=1&cid=1720985855.1661705506&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661705506&sct=1&seg=0&dl=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&dt=Downloading%20%7C%20PortableApps.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHB3ZZ535L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portableapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
338 B 69ms
19ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WHB3ZZ535L&cid=1720985855.1661705506&gtm=2oe8o0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHB3ZZ535L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portableapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 169ms
76ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WHB3ZZ535L&cid=1720985855.1661705506&gtm=2oe8o0&aip=1&z=480672313

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/ 342 KB
121 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3282017654522212&plah=portableapps.com&bust=31069152

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb87127e171d13ac1b8f8b6be7aaadb35654e00c194dfe8aad3e9e4d2a75fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123327
x-xss-protection: 0
server: cafe
etag: 4120778863156553279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:51:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 4924 10 KB
5 KB 139ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portableapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 18:23:24 GMT
etag: 8616628553774171045
expires: Sat, 10 Sep 2022 18:23:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
643 B 124ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portableapps.com&callback=_gfp_s_&client=ca-pub-3282017654522212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3282017654522212&plah=portableapps.com&bust=31069152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07f580725b48184181b55259d5d7acc101c89128c09c444bc8a29fe504d3c31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 153ms
45ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portableapps.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 144ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portableapps.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6767 70 KB
28 KB 886ms
809ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=2295297607&adk=3607957652&adf=1477126531&pi=t.ma~as.2295297607&w=873&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=873x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506107&bpp=3&bdt=736&idt=205&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&correlator=3059453056081&frm=20&pv=2&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=557&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8VxS3xee4q&p=https%3A//portableapps.com&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc0513d69cb43097ee39832dc5c3b288ae614b6d1cd5c416210fd0d7a3973c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portableapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28782
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:47 GMT
expires: Sun, 28 Aug 2022 16:51:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFD2 73 KB
23 KB 408ms
338ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=6323406103&adk=2386168346&adf=4140416920&pi=t.ma~as.6323406103&w=728&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506110&bpp=1&bdt=738&idt=222&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=873x280&correlator=3059453056081&frm=20&pv=1&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WdBGAZ5QWP&p=https%3A//portableapps.com&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73eee1b484a3a6273142eac5c3ed9be3e38778a8ab4f6277f0cc4889c2502b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portableapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:46 GMT
expires: Sun, 28 Aug 2022 16:51:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2041 114 KB
35 KB 669ms
609ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&adk=1812271804&adf=3025194257&lmt=1661705504&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506120&bpp=1&bdt=749&idt=218&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=873x280%2C728x280&nras=1&correlator=3059453056081&frm=20&pv=1&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=224

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

766f8c34701f859ca4fdfdba4184bdc14296ec157a11d4861555ddaf539a6d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portableapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:46 GMT
expires: Sun, 28 Aug 2022 16:51:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame DFD2 23 KB
10 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=6323406103&adk=2386168346&adf=4140416920&pi=t.ma~as.6323406103&w=728&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506110&bpp=1&bdt=738&idt=222&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=873x280&correlator=3059453056081&frm=20&pv=1&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WdBGAZ5QWP&p=https%3A//portableapps.com&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:40:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DFD2 8 KB
716 B 120ms
45ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 15:17:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Aug 2022 16:51:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Aug 2022 16:51:46 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/ Frame DFD2 14 KB
3 KB 139ms
38ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 13:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 10:41:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:39:15 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/ Frame DFD2 357 KB
123 KB 139ms
39ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f32dffd9527dbaf143a31a4d853ae7ef258ce4ef6f2de04b9cbe7e838473887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 13:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126294
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 10:41:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 13:39:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DFD2 17 KB
8 KB 140ms
44ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:46:42 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DFD2 0
327 B 106ms
39ms Ping
image/gif 2a00:1450:4007:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7dkjz60&c=7811879792292&slotId=3905939896146&qqid=CPDJu7P_6fkCFQFDHgIdKnAKCA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DFD2 15 KB
16 KB 117ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 518815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DFD2 15 KB
15 KB 117ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 510232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:07:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD2 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CC5FeIp0LY_CwG4GG-cAPquCpQKaQsPBrjd6zmqAQ8a_q4qIyEAEgw7TnA2CV4pCCoAegAYK9m8QoyAEFqQI5yF3Cno5tPqgDAcgDmwSqBJ0CT9BcAjGUrTL-vSXGGylH1rUH-uOl0Esr5894o1ybUBS3_LBbWvCQHhHFGreXmnBuOHuFG_Hl0paOMDih3mAwBeyz3yFX_5KPU4mW7qtCFMJeuQKUWri5jIVOjDehkfS9aaebpAK4FgUx0YjVi0Y_SZ3Qgve77lzNdVx18oXFR0VpA6QdZAbRIoMxfEnKF1dTp6AsUNFxzusfYLn72fEgacVcUM2oaCLmFmkjWUA7t_27WbYRo7GSJ2U86b4IWFCOp4Wt-DMkdQ8Q-M-0GP7V5oJqLqTG6xEfhXW268nKVA909NjqBd0n9UV59yZtlywR4YyJbaJOmuP3DK-yAAv3S4JiC-cbdZ7UOecOlQURGFb9Tj5Bu_heo_F1PQw-wASD8KnYlQTgBAOQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBP_kpkQyBOGmILhA9gTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1661705507030&ai=CC5FeIp0LY_CwG4GG-cAPquCpQKaQsPBrjd6zmqAQ8a_q4qIyEAEgw7TnA2CV4pCCoAegAYK9m8QoyAEFqQI5yF3Cno5tPqgDAcgDmwSqBJ0CT9BcAjGUrTL-vSXGGylH1rUH-uOl0Esr5894o1ybUBS3_LBbWvCQHhHFGreXmnBuOHuFG_Hl0paOMDih3mAwBeyz3yFX_5KPU4mW7qtCFMJeuQKUWri5jIVOjDehkfS9aaebpAK4FgUx0YjVi0Y_SZ3Qgve77lzNdVx18oXFR0VpA6QdZAbRIoMxfEnKF1dTp6AsUNFxzusfYLn72fEgacVcUM2oaCLmFmkjWUA7t_27WbYRo7GSJ2U86b4IWFCOp4Wt-DMkdQ8Q-M-0GP7V5oJqLqTG6xEfhXW268nKVA909NjqBd0n9UV59yZtlywR4YyJbaJOmuP3DK-yAAv3S4JiC-cbdZ7UOecOlQURGFb9Tj5Bu_heo_F1PQw-wASD8KnYlQTgBAOQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBP_kpkQyBOGmILhA9gTCogUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame DFD2 28 KB
16 KB 104ms
51ms XHR
text/xml 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C4G4K587ReCEwcprF9q3ZbuwkVRpFnoXneNRzUgChOAbsCYWH8F3TWzR5CSrhdrjU-a_VJTh2W3QL6Ur1hwWwHEhvLqA&cry=1&dbm_d=AKAmf-AR36NfRLlaaOzrg9PXOAxIdSLjyPZKS99gJFwAV27L5g_qbEdI-uRebZaMHsEKHJpwgHuqsD-fO5tthDreYwp_xqCipe1nGsCGFlXkG23ORzIWskoumXq2RNBGHcF5PDrkqosVJmkQuTIDNl2V3smBrILynRoQXiNQUXQaKiXaKj_ZvXaLIQ-ZZ_ZFVGn3ul8WH5NNFddUrUVn4lJRV_OfN_BEpaacRKAlOZdRFhiTAtUxE8QfeGl9CDnAK7keK2VeuENHLMDl1BK-OwsQ1am7eLZtEsXxV4s6UeHPZndzz2DPGS0lvMrys9L_KEp0JRts7Ygb3TnfTsjD99q-zh5xi_Yi_tFGY96FMjV8A8Ri_92X4jpWrPIN5hXiZ6KNT-xc46nLJIg9_kBS-0h6uMFY4Sss6tpn8ohxeTuOmVGuvG0Gu7IoUHlJVIRCAhEgTKS5ocpKhQdmSVOT5ONzFqIlXDieoem7SkOSfruM-coCTt4PQE4U8Lasj0mHonoTADMDvvynV_nX_VssaXXQgT-OY0yG6M7HO2ZIe3cQwUriIriyIAV5Dt6217bL8BHqrZp52K9nuJzvFHwat9EnND_ZdZQvDGkArveiXZJL00rBIqwd4KkRGZwMyl8dOLw87_zcaUKw-6ijLhIwbmdrsWidtCVsG4pGGcF1nhvssyi_VCJqRVgMc8dnBsRgAYZZNZk2OAmH1jIjHNSbp-i4WFKwMRqGozTT8ImFdDs1ApYjHS9A5yjfSkn3KbwlDSQ-sdu1do8wIj4X7jjQ_uAIvvCVzjzw95plO6fEgqqhTeJiQXO7F_nA9-Hz4koSBxqMtUkx0yrvmHYo63sd-4u-WNfbXSW1U9iZT6LJPZO8ebtmB6PGwwLCOaC69xdTskmVeDB8N6oPVQsZvwh3ExNT1ReCsVhdAW5Dw2pH6IOBnofEJB9n1i9GsJTu5BM5SQlm3cV7eYuPVi7wkhvnpflAJvRnvNRTmc_7miJ0p2WKzVFDxvNbVw7OPDet5H-eSRtVCrNOS_GR051u6pWooIN69ubgVOa2AMpX6vMWqVaq6rJmBaLFdmxjtlsuQs-fj3iWfavEWkbI7YkoiskXVtwFlQ2dWPJx6Age4aBkZZAk1X-VRGzVsG32zBIWjGstmKpHYcyv607RoQRtACmTMY_zBtLjMycwPd92S2KML0KHx-0O7OPQD3QbNDxijW63Vt0zHVw_-LTfen1GlRxMs2IkcxmV2tIQp1msBPXycae5Q9DIlY_GR0km3U6CsV8zXgyl0PkluUW_fhclFxPDHW9uCqto9XZY4quHQwb4n1iFrDXu6xLhD0sJQfCTUH7D4npQhJlMtLaFZtfXAursKoI2iWpIcTEButz1w893jsl7lRIp76bLp9ByapX2YQQyDyMZ9B3FY_jn6gsLgTwkH-gqX3-8iOlm01XxAQhYczsKWF48c5wEIuExRTLvKgHcFyROsZ7Ze5wxao5ZqM1OXPHDfzEcAbwTesPZV5KjHpUpgfhlpPQtEfJmGWWYHYvH4oIrS2tNKmOCaLzf9mcojjVomZdhP_T-jIOMCHxHSAHw7r2PhBKwcETcginrVM0w3SZmXij08LftYPIxVAtx7tDXcHjFboGLbpofo5CZjFg-YcJcItefK9RDCUFNVm5Mh4T638MSIfAHT1Ja9FofZkesubUuQAyvGqHy5aNiXoa86FArb28A4_WKC7rTdrUw6aE_ycSWEZReTnXsmlZQosjF--5g0QDMYALFVVbCsedfbid_eh3JnVUPZrd-UBzIpX-2vdZ4PRg2iDsNwrl9uLgl8izthflsKDqQq0z2hgMp0J6mUBvR3FcC5hLy5UjP7x1f_hhdzif552H_vNWRgVEsIcAB14EbP-U2jzcjnufEeyGhnBI46EsSaA-eiXaYtKORkFBagqYT70g9vLEBY2pc8LG13imkLNfVjzEP59VkC8zU4R9ZKNZfbWK4mJZlh24fDYHrohJUiKLu6dRSFTwWld5mzeGZCsOsmfwVeKdQLllv-Rd7w3GgNSiwUktdYfUbjLZhSQtRJn8DPWY0-brtPKs7wCkfemrZ-Y7VviX49LH0mOuMm1scDGGVD9CmOn2Jq7lGs6p7r88ioVUmblLbAOcpLrPwkOe1VoPoZX72KP_QLtFjGglxexdGG5Qno1-WAo-hkVTPR-LeZQucdykLamfK14_TQLuyfNwwLsk1UyjwZ9h8qaxdyvzMo1wivtVgy-1pfO7Y_nt74PsGVIjmLBBNT0sMhTuNX6sj6N2MPgjSq0iOM187erk8xOCVUvAjJW6uxd_RB-IRktFPoTEzAy_Cj3c3XWbWVZFkLAO7mHgWiwkptX3oXMC19UzwYpfZh7sxNRqA4yIngNRZXhSSeKBwE7NbaeWEqmGz9G0HiS7a5sQfxgDXbusZpvbqzj6MlJvOCQw8Qgyc-OH-siLSc2pQwTFVdXv0OxdDb40lhxDMls7hiXOPalfyLTAK3-pvrLS90uDmra3OTihUPRVYS1DY8BMQL1xZpQCofa2awKCxYJBOicYJ0R9sEHMJHFWu8MB7lE6t00pakDwWzVAjv91-aALDlfwKEK1QGkuHZvekeYO3zeBUaWibK-lJh6iiOU9RFmrHKXS5NmwVc31LzXdVqaUU70_BUHre5BQgRd50eXZE-8Veh0AFBSmFbGZReaGs4Q8X_qmSFc-NjK4ABloi5gep_YBEUiN0u59Wnlgosz5vqzTRWZaystp2yXhowtgUHG41CAy4HCDipzC2fuwpzZntj4A6dmC4sHqM5vzdSF0srnhUJxWreEg-FHt7j914TIJan0iUFWqwheZmn_9Th63a3HT6LRY6RDB8dg4bvZ7OCT_27PmyWvUEISJg6p2kyLo_AJRB8CYwhKrqJrt_QsnhT96XAuRI5wuX3JQXuFCv_piXaI-oeaL-rc1FKh5N9B_IkIkRf4Of2DXlSUZ7CMQcHAb8JfUKDQ2jt9yOJO9Q1eZeeD1Wz7_kvBfQP894KRlFyPNGSFyhgKk_omGhHaare1Po-AdOUmATxyJMYu7bjbehOHExAQz1BFxeO0qZ6B7r7YJyYe3GOv6WlpUCeptuXBPCyCm9cP6_sydKqgyGcX7UgL0Wklq4G1BrsyWqgCxeDDhY8VP8uIxcm7We26ADTJbujTXTTI0i13sAlfKNp7IV8u6G6xUf9v5Z0pMIygU7UskCzBgWxbFm_1KcvofyClWDHELdwws0MtRiU9xLeUC_Pe73e5b2iZ8DRP5ivN0aPQsmTjAK-fsuUr4mQKOdCfA3on_BXTswGdhUuMcuNmAY-9ujwhQGLOmgx5oXNku_3ch3sOvZbjDYbUqf9pV01W5b53Uz_vIcQEfYLj3rZei41Bmh4LdjgH6mtyuaOiyc2wSNHIQHQqMIYvbl0P71EuqcmSRJvP94f3t0WbJJ3RymIzWwMt6fxDYMszich3YjG-xfPaFnvGny99LzCS_AKUUgQfBrKY6WuR1Jsw7tPxGRV7LD4VKDleiASSnt2POsrs4IYPtjpMBUrN-iYhePhzeM66I8pqVeWek0EM7VOSq6tkO2gvDEPPJRZ5n7TE-ApTGkWcpmqOYDp63gYFpjD5eWq6IFxwYXVlXDQRbMS6imQku63p2k2d9PydXMlskdopf4phHDNne8-Jh0N0UsDUFi-MIPP9IHPxsvTLxBCbw&cid=CAASBORoz6E&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

f18a2975904f7a3658c4d23626b3710d4ebcbc28ad1b7e17e2aad069cd556ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15749
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFD2 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNMXiIp0LY_CwG4GG-cAPquCpQKaQsPBrjd6zmqAQ8a_q4qIyEAEgw7TnA2CV4pCCoAegAYK9m8QoyAEFqQI5yF3Cno5tPqgDAaoEmgJP0FwCMZStMv69JcYbKUfWtQf646XQSyvnz3ijXJtQFLf8sFta8JAeEcUat5eacG44e4Ub8eXSlo4wOKHeYDAF7LPfIVf_ko9TiZbuq0IUwl65ApRauLmMhU6MN6GR9L1pp5ukArgWBTHRiNWLRj9JndCC97vuXM11XHXyhcVHRWkDpB1kBtEigzF8ScoXV1OnoCxQ0XHO6x9gufvZ8SBpxVxQzahoIuYWaSNZQDu3_btZthGjsZInZTzpvghYUI6nha34MyR1DxD4z7QY_tXmgmoupMbrER-FdbazyCgDBA4p6XizF8WKopvLoMbqlLrrMH1nHpLGwv3appsY_Gz4_9qCbTNbhlShCwQp05sweuX6wbvEHzxzCfXABIPwqdiVBOAEA4gFk77YskOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwkQikEYl9DVzgHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbAT_5KZEMgThpiC4QPYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItMzI4MjAxNzY1NDUyMjIxMhgA&sigh=tEaa67aLbKs&uach_m=[UACH]&cid=CAQSGwCsnQUxRX_PpJ5l8sJuCU77TjTct9q2WcG-Tg&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=6323406103&adk=2386168346&adf=4140416920&pi=t.ma~as.6323406103&w=728&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506110&bpp=1&bdt=738&idt=222&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=873x280&correlator=3059453056081&frm=20&pv=1&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WdBGAZ5QWP&p=https%3A//portableapps.com&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 28 Aug 2022 16:51:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Aug 2022 16:51:47 GMT

GET
DATA 200
OK truncated
/ Frame DFD2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac31648850591568b62d780d93eb2197e965457d0f18cb5a139e7a000975ee02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/ 149 KB
53 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/reactive_library_fy2021.js?bust=31069152

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ac81ca9b4ac45cb8b47c4ef808fcd9d9ea2342630f8ed4f72439d79b24ca4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54512
x-xss-protection: 0
server: cafe
etag: 321605356497920810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:51:47 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame DFD2 41 KB
15 KB 144ms
61ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 08:18:39 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-5hnekn76.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DFD2
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-5hnekn76.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

184ms
14ms

Fetch
video/mp4

2a00:1450:400e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hnekn76.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0F484BC29FDD626236DE080F4D7CA2455B477DFF.76F1BBD305685920600313519A70C3CCE7342C90/key/cms1/cms_redirect/yes/mh/3l/mip/2a03:1b20:6:f011::8e/mm/42/mn/sn-5hnekn76/ms/onc/mt/1661704601/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:400e::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:51:47 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 6389289
Last-Modified: Tue, 05 Jul 2022 12:12:01 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 28 Aug 2022 16:51:47 GMT

Redirect headers

date: Sun, 28 Aug 2022 16:51:47 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-5hnekn76.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0F484BC29FDD626236DE080F4D7CA2455B477DFF.76F1BBD305685920600313519A70C3CCE7342C90/key/cms1/cms_redirect/yes/mh/3l/mip/2a03:1b20:6:f011::8e/mm/42/mn/sn-5hnekn76/ms/onc/mt/1661704601/mv/u/mvi/4/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1393546443762947025
tpc.googlesyndication.com/simgad/ Frame 6767 8 KB
8 KB 61ms
48ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1393546443762947025?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlWbQSHPwUAC63oxpdQNZDLBw4q9g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=2295297607&adk=3607957652&adf=1477126531&pi=t.ma~as.2295297607&w=873&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=873x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506107&bpp=3&bdt=736&idt=205&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&correlator=3059453056081&frm=20&pv=2&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=557&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8VxS3xee4q&p=https%3A//portableapps.com&dtd=219

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db4368fa47cda918d16d9a4663f6a23f0be11a74de88657e29ecd05b369031c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 10:30:45 GMT
x-content-type-options: nosniff
age: 195662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7722
x-xss-protection: 0
last-modified: Sat, 20 Feb 2021 15:28:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Aug 2023 10:30:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 6767 23 KB
9 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:40:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6767 3 KB
1 KB 69ms
61ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:24:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6767 140 KB
44 KB 61ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 16:51:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6767 17 KB
7 KB 47ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:46:42 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6767 32 KB
13 KB 81ms
73ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9091dec867a1dc7341bf0aa79915415e24203019aa46230a6210b98187493570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 10:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
server: cafe
etag: 1188449327864671977
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 10:02:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6767 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMLfeIp0LY9yrGuWGx_AP5NmViAzJ39XvavHvl5uPEN_apZaPDhABIMO05wNgleKQgqAHoAHxmqDQAcgBAqgDAcgDyQSqBO8CT9AgaRFaIUcKEnvJPafgOATDjywyxx0_DW8-rJK8Zw59loW7dUPjjT-nvvDp-lKGQotcbgXG75sFI_SQM-dEBDDZQKzON_o2-5FspjtqnsQ1C3hwQNZ1xuKnRNH0U7FmA3Za3SwB9afBmoaAha-KBiiW2F_-ZJE_vW9IL6fV717HpMUQ5dy8Uvt89yI3BrFArvDUJHDySUxfl2iTutLaWtWW8fQmrjMVtybJBhzSTul02zHCI1UQa5H9Zys8ibn3g7068mrrb91suNL-XHG0mvaL0F_lX9XybhRGXDINbRqtwB3_BJMhQcPjsx-OS1JHCAdGl1MypNY8v5ravBs4Nn3PP30304azrFsvm1fOUO7wmkcLHfSU3CYv4puiJ0MUvpf9dlzZNhkzgUXbDM8TL228jQP8OEiGz-RoTqd3qIY0zZAkf_UH5l1vp5pMmanjv57HIspJ6ABpxCSPYsrHUUou5eCRkC8m3rs85GWhIcAEk6La65MEkgUECAQYAZIFBAgFGASgBgKAB_fk368CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQleNN0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzI4MjAxNzY1NDUyMjIxMhgA&sigh=6FYgWatxtQQ&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=2295297607&adk=3607957652&adf=1477126531&pi=t.ma~as.2295297607&w=873&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=873x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506107&bpp=3&bdt=736&idt=205&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&correlator=3059453056081&frm=20&pv=2&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=557&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8VxS3xee4q&p=https%3A//portableapps.com&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 28 Aug 2022 16:51:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 128ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portableapps.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 130ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portableapps.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame E445 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portableapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 21:09:44 GMT
etag: 8616628553774171045
expires: Sat, 10 Sep 2022 21:09:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E445 8 KB
893 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 16:31:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Aug 2022 16:51:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Aug 2022 16:51:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E445 2 KB
902 B 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:16:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E445 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C75lWIp0LY7m6Gseo7gPLtasI0_yxiGyC1abp8A_Z2R4QASDDtOcDYJXikIKgB6ABrPK4vwHIAQmpAnIe5tINzgk-qAMByAPLhIACqgSBA0_Q6JX0xI4H0OqisCOtHFjOG8_3zV81M-laA61or4cohJitk1tlrk4eN45tpJO_OflfFSyzeBltY91TazGXs_JnV6Z1mcVTg6xfhgzb9M5V-2_XZCzBC7JxgfVH-N5SnRfTy4P_k-EsyunTXdpmlSMAmzqGVZdp43wwLJtmQ_i-XzPTZEneqqsOKt76koKskY0JkTQ-6VTdTh4qooFkwaqSw7bxgfQPrGjLhurHHe1_IXXa_vwLeIc_L-UOO3TbDns-2Pbh78wHXTc1A9NG09LMsjBtgL442htJ1fdQKex3nBsb5nceaZAk0mTuquSRaBMcbJVT0uiL3yQgR0Ne96Bm1PMLPBlIGqV9iY5bpm7DM7fsK4n2qXmo0wUUwulY-gPQaPfikxoVLUBGYst80VeU4LVjiXx71zkJ_m7MM7DA9lcUZO6N5B3gf3194YxnOlVtSBbi2bbMudMf75zmrQeBZOiLPDyxgfZv-0l71aY75Tx2PAaJPQaVEVfPKh8O9unABJC4k6riA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe8jcfAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKS_BtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQF0BUBmBYBgBcBshccChoIABIUcHViLTMyODIwMTc2NTQ1MjIyMTIYAA&sigh=68FUBdWRYvY&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 28 Aug 2022 16:51:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame E445 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:40:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E445 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:24:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E445 17 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:46:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E445 140 KB
43 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 16:51:47 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame E445 33 KB
14 KB 119ms
38ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17654856520366721004/ Frame E445 16 KB
16 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17654856520366721004/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a034ab851ba8002f9f7268b7c4b68b4c1944e44d1b703478b574e319553f18b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:26:19 GMT
x-content-type-options: nosniff
age: 51928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16763
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 05:15:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 28 Aug 2023 02:26:19 GMT

GET
DATA 200
OK truncated
/ Frame E445 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E445 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E08A 143 B
163 B 41ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3282017654522212&output=html&h=280&slotname=2295297607&adk=3607957652&adf=1477126531&pi=t.ma~as.2295297607&w=873&fwrn=4&fwrnh=100&lmt=1661705504&rafmt=1&psa=0&format=873x280&url=https%3A%2F%2Fportableapps.com%2Fdownloading%2F%3Fa%3DFirefoxPortableLegacy52%26n%3DMozilla%2520Firefox%252C%2520Portable%2520Edition%2520Legacy%2520%252052%26s%3Ds%26p%26d%3Dpa%26f%3DFirefoxPortableLegacy52_52.9.0_English.paf.exe&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661705506107&bpp=3&bdt=736&idt=205&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&correlator=3059453056081&frm=20&pv=2&ga_vid=1720985855.1661705506&ga_sid=1661705506&ga_hid=1723500416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=557&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=1394496136026269&tmod=886153230&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8VxS3xee4q&p=https%3A//portableapps.com&dtd=219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 28 Aug 2022 16:11:24 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7AD3 247 B
962 B 127ms
39ms Document
text/html 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5cf70856b5ac936cbad7bb6888f1a8b68681e40e2886aa8199c7509925bab17b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-rFgIaskcjCweoBXBR5zCNQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6240 23 KB
9 KB 38ms
38ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 455159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 10:25:48 GMT
expires: Wed, 23 Aug 2023 10:25:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6767 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5189fc98f412f8883bfe1789a7e8f18655c895f3f4c75bcb0e30ef36f2c413b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E445 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca3ce5c42a3b0429f6340234d437c0233ffe91e58c9335a196ac5d1de4bff16e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E08A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

51ms
50ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:47 GMT
expires: Sun, 28 Aug 2022 16:51:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6240 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 07:20:40 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame E025 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 07:20:40 GMT

GET
H3 200 iframe.html Show response
p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7AD3 4 KB
2 KB 105ms
40ms Document
text/html 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

59791691946d25aea409a582c069399a46d1ffeaf9fb30d90e30bf24a32270e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1860
content-security-policy-report-only: script-src 'nonce-HJk3aCXKhBptORPL_oeL3w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r4---sn-5hnekn76.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693241507/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DFD2 195 KB
0 30ms
14ms Media
video/mp4 2a00:1450:400e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 28 Aug 2022 16:51:47 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-6389288/6389289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 6389289
expires: Sun, 28 Aug 2022 16:51:47 GMT
last-modified: Tue, 05 Jul 2022 12:12:01 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6240 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BM9dkI50LY6z_Bpa0nsEPrqapgAcAAAAAOAHgBAI&bg=!8fKl8rbNAAYUOm8VNDo7ACkAdvg8WmGwVwu6xCMXLnqDRtP9uvSypUvUpkBI9728Fx3ilu7fLOZ3WQIAAAB3UgAAAAFoAQeZAvfBO4FrUscZVdANOvAh7ABr17ZiFHkiSMJAJzISyVCSs_wVONBpS1drRfW-Pre7C0oaKGUpi5Yp-n1dBMfEQYUVT4iGLKmvoMQrErZP63w-0l8tq5_IAauouI-6ddkwX95utkOrhzMXLVGwzvjl0bl8U7hqRJZxVGxGNX8BINwUGVVZK49UVIvPrjq7ZUQzS0Xw3oatNOeT8QvUSkKqoAk2ka-y0yPyN485-CM4IUN44JFvSYwrLQwiL0g9Ocz_JGnbmPCnC2F6OEXhvL33SdGyur4smLdpewP8WsguBbCRXSG_XtBcF7psxygaZ37ya-o8HI0gqKLrEDSz_DzQbEbckSZTvoybS4sl2ndBREVqApSblUwJAcXuW5MayYSS16EjQXcURl0oR74bJlQieqz8A14bOwa3Q5WQJktDcn0ivTu24DLowdkGS54Kkh90yQrNLPkzkLm_r4pOe5FkwdJ3QhhfSbMxQDFqie80s05rqCkO0z0UJGNO01sbEY6pR1co6rYi3KFChX9Mw5YWIW9s3N3InVGZ5XUZVk9PaQUXC8b1B8IQU9Kftl-yLZWyXpp3oCpFhA90SJNfbbz3fbmKRnra6QoBlGUchcS2IGmZAwMslGHZ9w1KeyP4S18Qa4EqEas79ANevaav6gyDkBEeHnoHgXH0kUzRP3st5JMZtsADVFEdfLHzKNxmtss3vTfN_D7Zo0QpwuqjzWcdmuCA5Vu2D83hFgJnWOVr-R_6QUKjkQjul50yUIMncLYs8UIfRSTUTx_qIES4nE-WwsEaRBNQM9qetVWXG2Tcm6Q01PbI7a0YL5oWJszFihpF4Vc08ha2OxTnIw0PUs5eZSSykKkbu7z0XHghMxqSV6QPcT4Ywdfgs6TUZ0KOToR0jKEL-INXmC3NeMOvrRCJPgvQzXqMQs1oaVvrXGdl_Xe-igAM6JtCvOsZYDZolK6KKMn2S6Gu_8y9DobEUbvVO-ZkSL7iJ3Z6ZlcfLzHPS9xtQCTJpNWjtS8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 318ms
222ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34758ded99630a4a23083e99d92398670e7ae7ea3acb6123e81e9503c2703f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11057
x-xss-protection: 0

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 06E5 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 07:20:40 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 16:51:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9718 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portableapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 15:40:53 GMT
expires: Mon, 28 Aug 2023 15:40:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 543A 783 B
537 B 121ms
45ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b7836f1f6e5732e910e2d99309ca82d928a4a8bed81396f13565d953aee25b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ApR78dV2Bjo2qDo7PvzS5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portableapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-ApR78dV2Bjo2qDo7PvzS5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:51:48 GMT
expires: Sun, 28 Aug 2022 16:51:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9718 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 07:20:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 543A 0
0 74ms
73ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=1394496136026269&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9718 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mMyMPA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:51:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6767 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutqdk63jOxZ2KLx_bYGlu5sUWO_uR6uWlWaQR0-WwmB6tX-KpMFlfahwdj64F9VPrpWFMDGAfrlQhVw-n_1-8UIJX4CjKSAcNqCs5DIGxgn2D-nvGM9DJH3pDyArsPm5klh0ZtLA&sai=AMfl-YSl3eMjUcz112cvJCS9FX5pnYq5l-E5rKd-908BK6BU1-bIgT-VO-ghdr0LdYTgpKqWCD3puVTKyvzE&sig=Cg0ArKJSzOi8UNXiI6DaEAE&id=lidar2&mcvt=1000&p=0,0,225,873&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3607957652&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661705506327&rpt=1036&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFD2 0
17 B 84ms
39ms Ping
image/gif 2a00:1450:4007:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7dkjz6f&c=7811879792292&slotId=3905939896146&qqid=CPDJu7P_6fkCFQFDHgIdKnAKCA&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=963&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=9&vhc=0&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E445 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJ7_MyiVxazJdrtp1g-JOTCr5tvniycYb7aJuRakLTifEr1Uhwy3IS5_zndBdjAfBAunLrFTcFFuztrGvgJU9BVLa6Lrva28FzpZbM6KWo6NMC7EWmlbTNU8SCzrKUIaGAqwa4Zg&sai=AMfl-YQvvTVvKIPAZcHkXY2nRbCobAUBnNcwWXhS9TGTIqMT9hA7O2uuMdZOvnMI_AF7HtTVhril-kk_3SAh&sig=Cg0ArKJSzIL9wswOv6FGEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=85,768,1000,1083,1184&tos=85,683,232,83,101&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661705507238&rpt=219&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:51:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=1394496136026269&bg=!TU6lTgrNAAYUOm8VNDo7ACkAdvg8Wpb-tph17w-z7tOmRCCuOSXmk28moQOtvqT428SDJPg2OUjs5QIAAABLUgAAAAJoAQeZAtEa2u9U-jNWGqaiPTR6WIH2NJl_ZEeo5hIVvhO6AEsjpjIpR9iOgcQqw2PmUuS7iPh5p5tbVE_45SxQ6VzU7sCUXfEXVheWqEy3Pqzo1Y1-dAbiV-QUZentLm5ps1m48PUTeGY3XoOYilTRDa1CYvQoATWrpc7PYyChUvbAMRMWpREeSq_MB3-aunqUgCtwp5_RTOAFn3-l7n3iLN5YDMFNVRa9-pqqflI8yOh-CoZl3Xh8sIkygLEpejaDgM5cUwp6sDrofeVruP4M1UnMbghNHvvE-ruZpdaslseAhR_0SSuYn6Oz1sJDCPRxwWE0qQG3UKbt4wX0CwhWew7Wl_15pcNZ_-E2Fr1VyCiiLxwdGVbPCWV26OdcusgoUGi32_7o9-8_arRxb1hCnkYEERahbFvbX-DFKm75CKx01d-W26Ls4N3jTXvu-ToK0-Rc-QbjHjjVjGHXa6D8-8D97D2_h9seQz9EQFDzHUFrceifyaj8UrezMMzlmA4XO6mNPSgYZnKNaX02Kkq7rFVcEOD_uq2Asq782cWXWP4sUSf5Wffnq1MGSVs8tAtWcLV6RStzY1YE_boKhK-8kG3EkO7x9Yt_1Mlo4uJZIxJ__gbU92aihNzNJXDdUXMWyH2sr-8aYSOZShLEfdiER0CnHWCjcQVPgweY3zmwZwqPIevXjPdFVM0Ku7XUJ0Sb4gCNtYr-h2ZZ-2YHZ8_w1NhaW-Y3DEBk867MATGX6cfmBgqYTsEwQS04-PxYIe-RvJPn4oK45QazKEqwbxZHpnjV31NVoajRrvwA5mj9AWRUvRzbuzV2r6CrXHQvBeER3uHqSbAPfTrm-U02nJMCTx0W4trNfyCtA4vilRDpBiR3B79IHslE-ErTqTf6Uq0oVuYnhqjFi-g91ZVeg3FkQ8nx7REqd-OYqFvx3fDrBRpkvKROL6IZnlvFmkM3Y6K_xUlLzCXI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portableapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.portableapps.com/	1970-01-20 15:11:05	Name: _ga_WHB3ZZ535L Value: GS1.1.1661705506.1.0.1661705506.60.0.0
.portableapps.com/	1970-01-20 15:11:05	Name: _ga Value: GA1.1.1720985855.1661705506
.portableapps.com/	1970-01-20 14:56:41	Name: __gads Value: ID=0a1ecd2dd8d9ec7d-22dc406c0bce0041:T=1661705506:RT=1661705506:S=ALNI_MbTaezpx5ibxKR6rsaqsnaoOcp0fA
.doubleclick.net/	1970-01-20 14:56:41	Name: IDE Value: AHWqTUnPTB1tO1KvrcRFRMiBp97EeNu-JstmGASB0TNrWvVgYZ_7ixx_Ppee1RNFDC8
.doubleclick.net/	1970-01-20 05:35:09	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn2.portableapps.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
p4-cehng7yeqnznw-3nbkbcu2t6uiatvg-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
portableapps.com
r4---sn-5hnekn76.c.2mdn.net
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.239.166.87
142.250.186.67
2001:4860:4802:34::36
205.185.216.10
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4007:80a::2003
2a00:1450:400c:c06::9d
2a00:1450:400e::9
74.125.133.155
0235792cfae40ba5323b0cb3a62c0e88033c9bb98e05179e47abfc0eb52bca1e
07f580725b48184181b55259d5d7acc101c89128c09c444bc8a29fe504d3c31a
0a034ab851ba8002f9f7268b7c4b68b4c1944e44d1b703478b574e319553f18b
0c3947c998c161d13363e41fb655cb07088ce03892929fb4eb04f7a067384733
0f32dffd9527dbaf143a31a4d853ae7ef258ce4ef6f2de04b9cbe7e838473887
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189f0747e2846498eaa4964cdf4c77fc6805829602191ce25579021950199d0d
1956bc1e1bc18fa09ba109e05e467e0ee71841ffa5ed5edfd6f2f916e83b5e3e
1997f763b02ae0dd5e47e15989861139503e5eb8351d9d6cd4c3e44d2559b93e
1c48ed9cea2b4bb5ac4be85e747ee6e856ac5483375f15d5952c4753c6c3559c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
2d25f258e2a3b7f891c9deb4bd2801272c342adc6e644aada9789ef2a11ee504
34758ded99630a4a23083e99d92398670e7ae7ea3acb6123e81e9503c2703f04
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
445d226f5f9d3105e57ee8658698153c8334983101ba57e3363b164bf4291350
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e6569e86deba2b47f9afce6d977d527f9ce1cd37c9f5d9354b56149fde7d217
5189fc98f412f8883bfe1789a7e8f18655c895f3f4c75bcb0e30ef36f2c413b2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
59791691946d25aea409a582c069399a46d1ffeaf9fb30d90e30bf24a32270e2
5cf70856b5ac936cbad7bb6888f1a8b68681e40e2886aa8199c7509925bab17b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a0c65a5a1136016574709e8be949cade2cee78fb2bbea201636577304ebef6
63ae85fe638fa31f504e079a6c5362cd89fb71684602f4e7d5695a71f0186c55
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
73eee1b484a3a6273142eac5c3ed9be3e38778a8ab4f6277f0cc4889c2502b32
766f8c34701f859ca4fdfdba4184bdc14296ec157a11d4861555ddaf539a6d33
7a1f8774ffb81cbd36edbf3e9ec297e8bf6bba34245c668d4a280b99806b75e5
7a622e2c6d7717fe17fd955569bc17b8d9f4277ff21157940ae4570070748b78
7b7836f1f6e5732e910e2d99309ca82d928a4a8bed81396f13565d953aee25b0
88d6b85f9767156e76bffe17ce7d268995719ba35ff33b3f08816409707f3ca9
89ac81ca9b4ac45cb8b47c4ef808fcd9d9ea2342630f8ed4f72439d79b24ca4c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d180125c4da5da4436f35ac4155c5342de07e2467f5a37b8b3f66e9ed9b2088
8ecb87127e171d13ac1b8f8b6be7aaadb35654e00c194dfe8aad3e9e4d2a75fd
9091dec867a1dc7341bf0aa79915415e24203019aa46230a6210b98187493570
96dce0e0b24f4f567b49dbf2e2e6352aa45b863ce7b2043835013dfc572fbe81
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9e84b8451e181d4237d7357dbe138adbf14db2209b63d02728d577ea6efa9d0e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac31648850591568b62d780d93eb2197e965457d0f18cb5a139e7a000975ee02
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bc0513d69cb43097ee39832dc5c3b288ae614b6d1cd5c416210fd0d7a3973c6d
c243f674add92a6c59b55a85415fd3d8eda0ec138a412d2c1b862e58f6cb994e
ca3ce5c42a3b0429f6340234d437c0233ffe91e58c9335a196ac5d1de4bff16e
cff6e08a97cb895a7b49908f4eb917d0581d08cc46d43169f1096476f3fe0c7d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dae6a6ed6dddbc3fe372c61c04a100a7d5d4980faf2a56af1691e66a471d6dbb
db4368fa47cda918d16d9a4663f6a23f0be11a74de88657e29ecd05b369031c2
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ead6038b152a2ea016c9a7582fc94089766dcd34cd5b89c4ebce9197b7f4f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f18a2975904f7a3658c4d23626b3710d4ebcbc28ad1b7e17e2aad069cd556ccd
f2bf9e4126d80ae31cd143c8aa5eb99aab62d1f4c2a4c943efb659f885850bc4
f3072b13a84412162408ce4cc3a766946ecb338bf4cf30a3376e29896ed6f2cd
f519899f704cfaf407aefa4f1d2776d0543c7b47158e1d8739b498012ce2c249
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

portableapps.com Open in urlscan Pro 104.239.166.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

99 %HTTPS

82 %IPv6

11 Domains

23 Subdomains

22 IPs

4 Countries

1044 kBTransfer

2861 kBSize

5 Cookies

4 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portableapps.com Open in urlscan Pro
104.239.166.87 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

99 %
HTTPS

82 %
IPv6

11
Domains

23
Subdomains

22
IPs

4
Countries

1044 kB
Transfer

2861 kB
Size

5
Cookies

90 HTTP transactions
5 data transactions