mac.downloads.freemac.org Open in urlscan Pro
173.254.28.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apple.downloads.onemac.net/
Effective URL:
http://mac.downloads.freemac.org/
Submission Tags: @phishunt_io
Submission: On September 10 via api (September 10th 2020, 7:49:50 pm UTC) from ES

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 173.254.28.222, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is mac.downloads.freemac.org.

This is the only time mac.downloads.freemac.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.254.28.237 173.254.28.237	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 4	173.254.28.222 173.254.28.222	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
16	5

1 173.254.28.237 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just2025.justhost.com

apple.downloads.onemac.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.254.28.222 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just2020.justhost.com

download.center.freemac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mac.downloads.freemac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freemac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	144 KB
4	freemac.org 1 redirects download.center.freemac.org mac.downloads.freemac.org freemac.org	71 KB
3	doubleclick.net googleads.g.doubleclick.net
2	google.com www.google.com adservice.google.com	3 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	890 B
1	onemac.net 1 redirects apple.downloads.onemac.net	104 B
16	7

	Domain	Requested by
4	pagead2.googlesyndication.com	mac.downloads.freemac.org pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	mac.downloads.freemac.org	mac.downloads.freemac.org
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	mac.downloads.freemac.org
1	freemac.org	mac.downloads.freemac.org
1	download.center.freemac.org	1 redirects
1	apple.downloads.onemac.net	1 redirects
16	11

This site contains links to these domains. Also see Links.

Domain
freemac.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://mac.downloads.freemac.org/
Frame ID: 786B3BA203356215B872BDD21F24861A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/zrt_lookup.html
Frame ID: 67F98D21A09FE5D7DE38E44932A0D53C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7796957396925846&output=html&h=280&slotname=1107264669&adk=1034397947&adf=683863926&w=1200&fwrn=4&fwrnh=100&lmt=1563982706&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fmac.downloads.freemac.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599767372198&bpp=14&bdt=255&idt=167&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=255342238048&frm=20&pv=2&ga_vid=1249044652.1599767372&ga_sid=1599767372&ga_hid=1933109612&ga_fc=0&iag=0&icsg=2738&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21067348&oid=2&pvsid=4259509981098737&pem=212&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PXJ8oPQOX4&p=http%3A//mac.downloads.freemac.org&dtd=189
Frame ID: AA6A80313D204EDF0CCE0F39AD7F147C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7796957396925846&output=html&adk=1812271804&adf=3025194257&lmt=1563982706&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmac.downloads.freemac.org%2F&ea=0&flash=0&pra=7&wgl=1&dt=1599767372212&bpp=2&bdt=269&idt=190&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=255342238048&frm=20&pv=1&ga_vid=1249044652.1599767372&ga_sid=1599767372&ga_hid=1933109612&ga_fc=0&iag=0&icsg=10930&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21067348&oid=2&pvsid=4259509981098737&pem=212&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: 3B57CFDEC68805175C889893A89C2D28
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 2A7C3EEF2B0AA0F8DDA8A4CE1BB852B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://apple.downloads.onemac.net/ HTTP 301
http://download.center.freemac.org/ HTTP 301
http://mac.downloads.freemac.org/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

75 %
HTTPS

67 %
IPv6

7
Domains

11
Subdomains

5
IPs

2
Countries

245 kB
Transfer

530 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://freemac.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apple.downloads.onemac.net/ HTTP 301
http://download.center.freemac.org/ HTTP 301
http://mac.downloads.freemac.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mac.downloads.freemac.org/
Redirect Chain

https://apple.downloads.onemac.net/
http://download.center.freemac.org/
http://mac.downloads.freemac.org/

10 KB
4 KB

701ms
390ms

Document
text/html

173.254.28.222
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://mac.downloads.freemac.org/
Protocol: HTTP/1.1
Server: 173.254.28.222 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just2020.justhost.com
Software: nginx/1.19.0 /
Resource Hash: b60e70dc8cf03fd6e53942c614f1040db567f7a2dae8f77db60244b199ea3de3

Request headers

Host: mac.downloads.freemac.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 19:49:31 GMT
Server: nginx/1.19.0
Content-Type: text/html
Content-Length: 3669
Last-Modified: Wed, 24 Jul 2019 15:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false

Redirect headers

Date: Thu, 10 Sep 2020 19:49:31 GMT
Server: Apache
Location: http://mac.downloads.freemac.org/
Content-Length: 241
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK FreeMac-Header-h.png
freemac.org/FreeMac/ 66 KB
67 KB 521ms
374ms Image
image/png 173.254.28.222
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freemac.org/FreeMac/FreeMac-Header-h.png
Requested by: Host: mac.downloads.freemac.org
URL: http://mac.downloads.freemac.org/
Protocol: HTTP/1.1
Server: 173.254.28.222 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just2020.justhost.com
Software: Apache /
Resource Hash: 07c0fe7a3d1723c2cd6933a50e7ae04ae1442147ec1865af76fcb43c0672acf4

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 19:49:32 GMT
Last-Modified: Sun, 16 Feb 2014 15:48:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 67904

GET
H/1.1 500
Internal Server Error liveclock.js
mac.downloads.freemac.org/clockjs/ 0
0 233ms
232ms Script
text/html 173.254.28.222
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://mac.downloads.freemac.org/clockjs/liveclock.js
Requested by: Host: mac.downloads.freemac.org
URL: http://mac.downloads.freemac.org/
Protocol: HTTP/1.1
Server: 173.254.28.222 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just2020.justhost.com
Software: nginx/1.19.0 /
Resource Hash

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 19:49:32 GMT
Server: nginx/1.19.0
Connection: close
Content-Length: 679
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK show_afs_search.js Show response
www.google.com/afsonline/ 3 KB
2 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/afsonline/show_afs_search.js

Requested by

Host: mac.downloads.freemac.org
URL: http://mac.downloads.freemac.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0525bc8ee363380e856ceb51be5de45b8ae33c3947d81873df3be6255b47c8f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 19:49:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 May 2020 08:30:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=0
Accept-Ranges: bytes
Content-Length: 1456
X-XSS-Protection: 0
Expires: Thu, 10 Sep 2020 19:49:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 127 KB
45 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mac.downloads.freemac.org
URL: http://mac.downloads.freemac.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc5eb467be2c7201a149a6e6f011fffb3caecc55a980c66d6253c0bc2bd29fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 19:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44955
x-xss-protection: 0
server: cafe
etag: 10445964008519383142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Sep 2020 19:49:31 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/ 228 KB
86 KB 75ms
60ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f223afe73e8e54bef06ee5fb36c0f8c7bcd4c835717d137d8915996b3309c8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87668
x-xss-protection: 0
server: cafe
etag: 5831147292718782217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Sep 2020 19:49:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/ Frame 67F9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200901/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://mac.downloads.freemac.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://mac.downloads.freemac.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 10 Sep 2020 09:18:18 GMT
expires: Thu, 24 Sep 2020 09:18:18 GMT
content-type: text/html; charset=UTF-8
etag: 9704104221650600920
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4744
x-xss-protection: 0
age: 37874
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 37ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mac.downloads.freemac.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 38ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mac.downloads.freemac.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame AA6A 0
0 102ms
102ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7796957396925846&output=html&h=280&slotname=1107264669&adk=1034397947&adf=683863926&w=1200&fwrn=4&fwrnh=100&lmt=1563982706&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fmac.downloads.freemac.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599767372198&bpp=14&bdt=255&idt=167&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=255342238048&frm=20&pv=2&ga_vid=1249044652.1599767372&ga_sid=1599767372&ga_hid=1933109612&ga_fc=0&iag=0&icsg=2738&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21067348&oid=2&pvsid=4259509981098737&pem=212&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PXJ8oPQOX4&p=http%3A//mac.downloads.freemac.org&dtd=189

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7796957396925846&output=html&h=280&slotname=1107264669&adk=1034397947&adf=683863926&w=1200&fwrn=4&fwrnh=100&lmt=1563982706&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fmac.downloads.freemac.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1599767372198&bpp=14&bdt=255&idt=167&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=255342238048&frm=20&pv=2&ga_vid=1249044652.1599767372&ga_sid=1599767372&ga_hid=1933109612&ga_fc=0&iag=0&icsg=2738&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21067348&oid=2&pvsid=4259509981098737&pem=212&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PXJ8oPQOX4&p=http%3A//mac.downloads.freemac.org&dtd=189
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://mac.downloads.freemac.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://mac.downloads.freemac.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 19:49:32 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Sep-2020 20:04:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 19:49:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c691b5621b3c3681307bad87d60e39a508e4dd531d3e58d18d60800831ee94da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599669618812000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27492
x-xss-protection: 0
expires: Thu, 10 Sep 2020 19:49:32 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3B57 0
0 16ms
15ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7796957396925846&output=html&adk=1812271804&adf=3025194257&lmt=1563982706&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmac.downloads.freemac.org%2F&ea=0&flash=0&pra=7&wgl=1&dt=1599767372212&bpp=2&bdt=269&idt=190&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=255342238048&frm=20&pv=1&ga_vid=1249044652.1599767372&ga_sid=1599767372&ga_hid=1933109612&ga_fc=0&iag=0&icsg=10930&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21067348&oid=2&pvsid=4259509981098737&pem=212&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7796957396925846&output=html&adk=1812271804&adf=3025194257&lmt=1563982706&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmac.downloads.freemac.org%2F&ea=0&flash=0&pra=7&wgl=1&dt=1599767372212&bpp=2&bdt=269&idt=190&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=255342238048&frm=20&pv=1&ga_vid=1249044652.1599767372&ga_sid=1599767372&ga_hid=1933109612&ga_fc=0&iag=0&icsg=10930&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21067348&oid=2&pvsid=4259509981098737&pem=212&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=195
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://mac.downloads.freemac.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://mac.downloads.freemac.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Sep 2020 19:49:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Sep-2020 20:04:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 19:49:32 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 43ms
30ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200901&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed96dac2614198dd82a4f16265d08cb6f2e07814f30f5d01a058db154de7bd82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6657
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 10 Sep 2020 19:49:32 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 2A7C 0
0 27ms
14ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://mac.downloads.freemac.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://mac.downloads.freemac.org/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 10 Sep 2020 19:05:34 GMT
expires: Fri, 10 Sep 2021 19:05:34 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2638
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
108 B 45ms
44ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200901&jk=4259509981098737&bg=!PzylPCRYwiBzBDZIfc0CAAAAXFIAAAANCgEdurM4Egk9h3uURCjpRKSJaRY5huiNkHdrvjXAVZQehDnhDhUC0yIkHiPe4_Z6cWQjwu4avOAGuF0GYk4YkN3viF00ZTW56Odgownrz-yJCPwgYD99c8v-Ys2dVDuSw6yMLSA2ErphHzc6bo4a74pwEaJftIufCZUZgAZNpoiVBHyIcjf2AMK3qSWU1GByg2H4jeBMIjWSPH08Ys7W2BOcj-wUpn-X-uahxGcs7YrrTE5AT-z29hpWg3Hp3njK_uZmjABshkpaYdxcREo9lfnMdsi3z604YvgljiqQv6b1fVDW4Ofx59Uw9AQOiiDCT3INRqdwaxkuN4pLser9rYTiRQ9nLAUVSDvmw6wetYyB144NFm0zn5MBaCNGczqVmQGxbEKKaEb5pFZWLMtDvF-kvZxYmr6SGDbg4tr0EmFPUcQRaNPxExXMltT-ioT6G356NGfop_MQk6wm691ulEWI5ZDL727VNZQAks3N21i6QV4NTs0VmyJhHa5EfoKT6K4HncBnil-UV4ECBaMWY1eC6MQPiNMNiBRhpCjIuXPvRWKL4XrR7gOqou42YwRXS4VgAMn0-WytI32gdfK50z9zaVIdVI4oToOz3BpwXErSapjTpLd1I5Qqlp_VzDLgFgLCqblc1FkVv6XDGJUCcH-gUuZSROJaftBkMBUJ1NQdMawB5xWKY36KonwRNFKO_khOT5QzxjYsYstuuCxpQvATGy-TN5fVBiVi5g63gv5F0N_t7ZziknZj8q315AjUYbFtHfvuEe3v3_jZkROuo7FPV0bNpwkdiP0S8-briUGD_lhxWLvdEkHDZxhgJnGhObsGYfrsXfRbraQ74EFAnBGRQax_jpHCyKE212YWfpuddjYrK2TRBTYb6wDMmsVmLmxx_aDBzk9XbhQvjeGyjzUGEmNNVbhcVofuxsFA7cR0R-sjO4M0F1ZT3F5NW6BniPAyDQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mac.downloads.freemac.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 19:49:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 12:22:48	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apple.downloads.onemac.net
download.center.freemac.org
freemac.org
googleads.g.doubleclick.net
mac.downloads.freemac.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
173.254.28.222
173.254.28.237
2a00:1450:4001:814::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2001
2a00:1450:4001:825::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0525bc8ee363380e856ceb51be5de45b8ae33c3947d81873df3be6255b47c8f8
07c0fe7a3d1723c2cd6933a50e7ae04ae1442147ec1865af76fcb43c0672acf4
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
b60e70dc8cf03fd6e53942c614f1040db567f7a2dae8f77db60244b199ea3de3
bdc5eb467be2c7201a149a6e6f011fffb3caecc55a980c66d6253c0bc2bd29fc
c691b5621b3c3681307bad87d60e39a508e4dd531d3e58d18d60800831ee94da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed96dac2614198dd82a4f16265d08cb6f2e07814f30f5d01a058db154de7bd82
f223afe73e8e54bef06ee5fb36c0f8c7bcd4c835717d137d8915996b3309c8d6

mac.downloads.freemac.org Open in urlscan Pro 173.254.28.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

75 %HTTPS

67 %IPv6

7 Domains

11 Subdomains

5 IPs

2 Countries

245 kBTransfer

530 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

1 Cookies

Indicators

mac.downloads.freemac.org Open in urlscan Pro
173.254.28.222 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

67 %
IPv6

7
Domains

11
Subdomains

5
IPs

2
Countries

245 kB
Transfer

530 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions