www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Submission Tags: falconsandbox
Submission: On May 10 via api (May 10th 2021, 5:00:56 pm UTC) from US

Summary HTTP 130 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 61 domains to perform 130 HTTP transactions. The main IP is 23.111.189.3, located in United States and belongs to HVC-AS, US. The main domain is www.majorgeeks.com.
TLS certificate: Issued by R3 on May 7th 2021. Valid for: 3 months.

This is the only time www.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	23.111.189.3 23.111.189.3	29802 (HVC-AS) (HVC-AS)
1	2600:9000:219... 2600:9000:2190:800:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.189.6 23.111.189.6	29802 (HVC-AS) (HVC-AS)
1	65.9.63.91 65.9.63.91	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	104.109.85.134 104.109.85.134	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:219... 2600:9000:2190:6c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
1	52.52.67.66 52.52.67.66	16509 (AMAZON-02) (AMAZON-02)
21	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:6200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
2 9	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1 1	208.100.17.186 208.100.17.186	32748 (STEADFAST) (STEADFAST)
1	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 3	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2 2	3.121.254.42 3.121.254.42	16509 (AMAZON-02) (AMAZON-02)
1 4	52.95.118.60 52.95.118.60	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.184 213.155.156.184	1299 (TELIANET ...) (TELIANET Telia Carrier)
21	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5 5	52.209.246.140 52.209.246.140	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 3	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	162.55.6.213 162.55.6.213	24940 (HETZNER-AS) (HETZNER-AS)
6 6	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
4 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	188.165.137.78 188.165.137.78	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3039::6815:c036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1 1	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 7	18.158.181.33 18.158.181.33	16509 (AMAZON-02) (AMAZON-02)
1 1	18.157.110.16 18.157.110.16	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
1	52.208.69.189 52.208.69.189	16509 (AMAZON-02) (AMAZON-02)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2 6	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	23.111.189.11 23.111.189.11	29802 (HVC-AS) (HVC-AS)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
130	49

10 23.111.189.3 (United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: majorgeeks.com

www.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:800:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.189.6 (United States)

ASN29802 (HVC-AS, US)
PTR: dev.majorgeeks.com

ra.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.91 (United States)

ASN16509 (AMAZON-02, US)

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.109.85.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-85-134.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:6c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.67.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-67-66.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:6200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 62.149.0.72 (Ukraine) 2 redirects

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.186 (United States) 1 redirects

ASN32748 (STEADFAST, US)

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.181 (United States)

ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.19 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.178 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.254.42 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-254-42.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.95.118.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.209.246.140 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-246-140.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.139 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.213 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.44 (United Kingdom) 6 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c036 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Hjørring, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.234 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.158.181.33 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.110.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.88 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.19.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.69.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-69-189.eu-west-1.compute.amazonaws.com

data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.189.11 (United States)

ASN29802 (HVC-AS, US)

files1.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	68 KB
21	facebook.com www.facebook.com	279 KB
12	doubleclick.net 8 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	134 KB
12	majorgeeks.com 1 redirects www.majorgeeks.com ra.majorgeeks.com files1.majorgeeks.com	84 KB
11	adtelligent.com 2 redirects s.adtelligent.com sync.adtelligent.com	6 KB
9	lijit.com 4 redirects ap.lijit.com ce.lijit.com	6 KB
9	fbcdn.net scontent-frx5-1.xx.fbcdn.net static.xx.fbcdn.net scontent-frt3-2.xx.fbcdn.net scontent.xx.fbcdn.net	149 KB
7	bidswitch.net 7 redirects x.bidswitch.net	3 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	39 KB
5	adsrvr.org 4 redirects match.adsrvr.org data.adsrvr.org	2 KB
5	bidr.io 5 redirects match.prod.bidr.io	2 KB
4	1rx.io 4 redirects sync.1rx.io	2 KB
4	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	addthis.com s7.addthis.com	192 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	contextweb.com 3 redirects bh.contextweb.com	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	dotomi.com pubmatic-match.dotomi.com amazon-tam-match.dotomi.com	103 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	742 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1003 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	360yield.com 2 redirects ad.360yield.com	654 B
2	e-planning.net 1 redirects ads.us.e-planning.net	308 B
2	openx.net 2 redirects rtb.openx.net	626 B
2	tynt.com 1 redirects ic.tynt.com de.tynt.com	947 B
2	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	9 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	consensu.org quantcast.mgr.consensu.org	73 KB
2	googlesyndication.com pagead2.googlesyndication.com	130 KB
2	thisiswaldo.com cdn.thisiswaldo.com thisiswaldo.com	103 KB
1	rfihub.com 1 redirects p.rfihub.com	748 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com	609 B
1	gumgum.com 1 redirects rtb.gumgum.com	335 B
1	playground.xyz 1 redirects ads.playground.xyz	484 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	314 B
1	mathtag.com 1 redirects sync.mathtag.com	680 B
1	simpli.fi um.simpli.fi	610 B
1	zeotap.com mwzeom.zeotap.com	490 B
1	deepintent.com match.deepintent.com	44 B
1	ad4m.at ad4m.at	992 B
1	erne.co 1 redirects green.erne.co	326 B
1	loopme.me 1 redirects csync.loopme.me	212 B
1	adgrx.com cm.adgrx.com	408 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	775 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	326 B
1	trafmag.com t.trafmag.com	232 B
1	admanmedia.com 1 redirects cs.admanmedia.com	406 B
1	quantcount.com rules.quantcount.com	345 B
1	addthisedge.com v1.addthisedge.com	941 B
1	moatads.com z.moatads.com	1 KB
1	ipfind.co ipfind.co	462 B
1	googleapis.com ajax.googleapis.com	33 KB
1	mailchimp.com cdn-images.mailchimp.com	1 KB
1	googletagservices.com www.googletagservices.com	21 KB
130	61

	Domain	Requested by
21	www.facebook.com	www.majorgeeks.com www.facebook.com
13	simage2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
10	www.majorgeeks.com	1 redirects www.majorgeeks.com
9	sync.adtelligent.com	2 redirects s.adtelligent.com ads.pubmatic.com
8	cm.g.doubleclick.net	8 redirects
8	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
7	x.bidswitch.net	7 redirects
6	ce.lijit.com	2 redirects ap.lijit.com
6	scontent-frx5-1.xx.fbcdn.net	www.facebook.com www.majorgeeks.com
5	match.prod.bidr.io	5 redirects
5	ads.pubmatic.com	s.adtelligent.com ads.pubmatic.com aax-eu.amazon-adsystem.com
4	match.adsrvr.org	4 redirects
4	sync.1rx.io	4 redirects
4	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com ap.lijit.com
4	s7.addthis.com	www.majorgeeks.com s7.addthis.com
3	bh.contextweb.com	3 redirects
3	ib.adnxs.com	3 redirects
3	ap.lijit.com	2 redirects aax-eu.amazon-adsystem.com
3	c.amazon-adsystem.com	www.majorgeeks.com c.amazon-adsystem.com
2	pixel-sync.sitescout.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	sync.targeting.unrulymedia.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ad.360yield.com	2 redirects
2	ads.us.e-planning.net	1 redirects s.adtelligent.com
2	rtb.openx.net	2 redirects
2	s.adtelligent.com	cdn.thisiswaldo.com s.adtelligent.com
2	www.google-analytics.com	www.majorgeeks.com www.google-analytics.com
2	securepubads.g.doubleclick.net	cdn.thisiswaldo.com www.googletagservices.com
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
2	pagead2.googlesyndication.com	www.majorgeeks.com pagead2.googlesyndication.com
1	scontent.xx.fbcdn.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	files1.majorgeeks.com	www.majorgeeks.com
1	p.rfihub.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	data.adsrvr.org	ap.lijit.com
1	amazon-tam-match.dotomi.com	aax-eu.amazon-adsystem.com
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	sonata-notifications.taptapnetworks.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	match.deepintent.com	image6.pubmatic.com
1	s.tribalfusion.com	image6.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ad4m.at	image6.pubmatic.com
1	green.erne.co	1 redirects
1	csync.loopme.me	1 redirects
1	cm.adgrx.com	image6.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	image6.pubmatic.com
1	scontent-frt3-2.xx.fbcdn.net	www.majorgeeks.com
1	static.xx.fbcdn.net	www.facebook.com
1	image6.pubmatic.com	ads.pubmatic.com
1	t.trafmag.com	s.adtelligent.com
1	de.tynt.com	s.adtelligent.com
1	ic.tynt.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	v1.addthisedge.com	s7.addthis.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	z.moatads.com	s7.addthis.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ipfind.co	cdn.thisiswaldo.com
1	ajax.googleapis.com	www.majorgeeks.com
1	cdn-images.mailchimp.com	www.majorgeeks.com
1	ra.majorgeeks.com	www.majorgeeks.com
1	www.googletagservices.com	www.majorgeeks.com
1	cdn.thisiswaldo.com	www.majorgeeks.com
130	86

This site contains links to these domains. Also see Links.

Domain
www.restoro.com
www.contentteller.com
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.addthis.com

Subject Issuer	Validity	Valid
majorgeeks.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2020-06-16` - `2021-06-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
ra.majorgeeks.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
ipfind.co Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-04-07` - `2021-07-06`	3 months	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2020-09-22` - `2021-10-24`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
sync.adtelligent.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
ads.us.e-planning.net R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
files1.majorgeeks.com R3	`2021-04-28` - `2021-07-27`	3 months	crt.sh

This page contains 28 frames:

Frame: https://files1.majorgeeks.com/51cf74d8eca783f8e3dc11d28904a7fcb7af8ffd/office/Web_Trial_en.exe
Frame ID: 0BDA037FD8A21E23B85075CADC9BF618
Requests: 37 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Frame ID: 3C53C84F9778C2B8B71966162214BA96
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/zrt_lookup.html
Frame ID: C9218C601AF57C5CA9FB9829766D7BF6
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: 543D39C975706E5553639CAE38761394
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
Frame ID: ACC0A5EBBA43603FB30C54A6BEF96156
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Frame ID: E24899F938513561C2E27E47475898C3
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=563719
Frame ID: 48E4338066FE3E87A3048F0E04054690
Requests: 8 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 47A600727BAD99A68E8425DC31453D3E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 508562D591876E94033414C80E216AA3
Requests: 25 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t
Frame ID: C4D70417A5D4C0C5494569830AC24305
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6D1EA75B4ACA7A03636AF5DB29763039
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8153007806467024245
Frame ID: 6E2FE9545494CD46C14CA64DCC3A3C7A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960707562229201045
Frame ID: 3A2201325227A521E4A95CFD8EA9A64D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAMbk7BMs0AAC-L6l00eg
Frame ID: 093DE297E69496F3F973FFC54B304504
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4A6AB213600760913CCE29E664D152F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 3F8A22315B48EB37AA9EC0F42D995272
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3684413-a443-4946-b29c-f371be5e4641-003
Frame ID: 3CA5F36707B33B42777BC70BC1C78E1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4AeL6U7xzzQYdIb9zni8WyLc
Frame ID: 02F6E08A5B28E0A836E61586DE422459
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 94B3B0058802036B160FA1AA396D7CF8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 828049D9736114AAA4F216F8F2B4B097
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bk9kt9fdFkNS&pid=557219
Frame ID: A9ADB10AD627F15E48D9CA91418BEFE9
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: B39C78388290AF95D83909BB1CCD1847
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=306114&extuid=%20PM_UIDDA04396B-DEE6-481D-8CBC-1B2B16A632B4
Frame ID: 1CFB704136AA7D1297841D1FE792AF24
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_sovrn_pm-db5&fv=1.0&a=cm&cm3ppd=1
Frame ID: 9BC16B9ECD0108543D65F6DA0ABB67E7
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 1374976DF9123FFA1AC4F5C5AF46ADD6
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Frame ID: AF8C566FF5F36F933B7216927E52CB54
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: E678DB402A059A1162AF08902D8E4E99
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BD7B6A346B71EA72B46A35C9A3BC581A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

130
Requests

100 %
HTTPS

26 %
IPv6

61
Domains

86
Subdomains

49
IPs

10
Countries

1349 kB
Transfer

3824 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.restoro.com/includes/route.php?tracking=Majorgeeks&banner=dltxt&lpx=uyrn
Title: Click Here to Repair/Restore Missing Windows OS Files Damaged by Malware

Search URL Search Domain Scan URL

URL: http://www.contentteller.com/
Title: Contentteller® Business Edition

Search URL Search Domain Scan URL

URL: http://www.facebook.com/majorgeeksdotcom
Title: Follow on FacebookFacebook

Search URL Search Domain Scan URL

URL: https://twitter.com/majorgeeks
Title: Follow on TwitterTwitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UC9-wz8Md_X6V3BCihYW3jig?sub_confirmation=1
Title: Follow on YouTubeYouTube

Search URL Search Domain Scan URL

URL: http://instagram.com/majorgeeksdotcom
Title: Follow on InstagramInstagram

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://cs.admanmedia.com/sync/selectmedia?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310756%26extuid%3D%7B%24UID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

Request Chain 49

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

Request Chain 50

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99b306e3145009ad

Request Chain 51

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7990c4c6-cdfe-4795-ae10-0ea5b66c4351

Request Chain 52

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a1866077a68932c8d549e921

Request Chain 53

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3685982985366737415

Request Chain 54

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 55

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=d6c2a002-0156-4fae-88e8-51b95213335e

Request Chain 56

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D312412%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=99b306e3145009ad

Request Chain 58

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t

Request Chain 75

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8153007806467024245

Request Chain 76

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960707562229201045

Request Chain 77

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTWJrN0JNczBBQUMtTDZsMDBlZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAMbk7BMs0AAC-L6l00eg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAMbk7BMs0AAC-L6l00eg&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAMbk7BMs0AAC-L6l00eg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2717126934472711299 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAMbk7BMs0AAC-L6l00eg

Request Chain 79

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 80

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3821109202 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3821109202 HTTP 302
https://sync.1rx.io/usersync/tradedesk/4c9941e6-17e6-4d79-9da5-9454ed25d12d HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b3684413-a443-4946-b29c-f371be5e4641-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b3684413-a443-4946-b29c-f371be5e4641-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3684413-a443-4946-b29c-f371be5e4641-003

Request Chain 81

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4AeL6U7xzzQYdIb9zni8WyLc

Request Chain 83

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 84

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bk9kt9fdFkNS&pid=557219

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2gQ5a97mSB2MvBsrFqYytA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2gQ5a97mSB2MvBsrFqYytA%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 89

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 90

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&addseg=31

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REEwNDM5NkItREVFNi00ODFELThDQkMtMUIyQjE2QTYzMkI0&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REEwNDM5NkItREVFNi00ODFELThDQkMtMUIyQjE2QTYzMkI0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFU9-gB8XL51XOMjSdjVdig&google_cver=1

Request Chain 94

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8ad2b37f-c03e-43f7-a512-098b1dd49a54

Request Chain 95

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6211226300007048328

Request Chain 96

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a6f26099-66a6-4d00-b61e-cf0179d15850&gdpr=0&gdpr_consent=

Request Chain 97

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685982985366737415&gdpr=0&gdpr_consent=

Request Chain 99

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-X9WP1R1E2uV18qCWilg4KM6DqygPiWU-~A&gdpr=0&gdpr_consent=

Request Chain 100

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=887697ee-e416-4f9c-8ca2-6ee325bd3265&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_624e28f0-f93b-43f3-8ca7-b4e81b99e450&bsw_param=887697ee-e416-4f9c-8ca2-6ee325bd3265&expires=10 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_624e28f0-f93b-43f3-8ca7-b4e81b99e450&bsw_param=887697ee-e416-4f9c-8ca2-6ee325bd3265&expires=10 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3c73194d-7845-44b0-b312-1a55a834922d&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 101

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EJaGORCQ3jYLlIhmQ5SSOEWXjGULltsxF58dKiTJ

Request Chain 102

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8478640477814303068&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 103

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YJlmpwAA4z6VqAA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJlmpwAA4z6VqAA4&gdpr=0&gdpr_consent=&_test=YJlmpwAA4z6VqAA4

Request Chain 104

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6f64a22c-2b2e-4f6e-bf80-a39a8d3c3534&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 106

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f72fd932-cccb-462b-a6d6-8891e4be558d-609966a7-4348&gdpr=0&gdpr_consent=

Request Chain 107

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685982985366737415

Request Chain 108

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_68d9a555-56da-4711-8a07-0a265322aea3

Request Chain 115

https://ums.acuityplatform.com/tum?umid=27&uid=a1866077a68932c8d549e921&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=66&3pid=577835373252 HTTP 302
https://ce.lijit.com/merge?pid=66&3pid=577835373252&dnr=1

Request Chain 116

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3684413-a443-4946-b29c-f371be5e4641-003&rndcb=5999884115 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-b3684413-a443-4946-b29c-f371be5e4641-003&rndcb=5999884115 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=8f4cf854-31c9-4a85-92ee-36a425896c9a&google_hm=OGY0Y2Y4NTQtMzFjOS00YTg1LTkyZWUtMzZhNDI1ODk2Yzlh HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAl2VEp2a2dcFENDaMxSmRk&google_cver=1&ssp=adconductor&bsw_param=8f4cf854-31c9-4a85-92ee-36a425896c9a HTTP 302
https://sync.1rx.io/usersync/bidswitch/887697ee-e416-4f9c-8ca2-6ee325bd3265?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b3684413-a443-4946-b29c-f371be5e4641-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-b3684413-a443-4946-b29c-f371be5e4641-003 HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=RX-b3684413-a443-4946-b29c-f371be5e4641-003

Request Chain 117

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=Cg8vmvdqqjt2&ev=1&pid=558511&gdpr_consent=&gdpr=0

Request Chain 118

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=2159827870743803918 HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=2159827870743803918&dnr=1

Request Chain 122

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=urktipk2qn33kdpveih1gscg37 HTTP 302
https://files1.majorgeeks.com/51cf74d8eca783f8e3dc11d28904a7fcb7af8ffd/office/Web_Trial_en.exe

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set microsoft_expression_web,1.html%20%20Thanks! Show response
www.majorgeeks.com/mg/getmirror/ 16 KB
6 KB 911ms
513ms Document
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 004b218b3e50faf50c41eb6de8c4ed74670559d2657e65378a4205566c0d388e

Request headers

Host: www.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:40 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5520
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.js Show response
www.majorgeeks.com/core/javaload/ 95 KB
33 KB 149ms
149ms Script
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/core/javaload/jquery.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:40 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 33760

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 47 KB
5 KB 409ms
148ms Stylesheet
text/css 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:40 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 4663

GET
H2 200 4107.js Show response
cdn.thisiswaldo.com/static/js/ 348 KB
103 KB 66ms
14ms Script
application/javascript 2600:9000:2190:800:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/4107.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:800:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

8eda946ae4429f4b970d21fbb8074988b98b18621200405b9c8df9c112bc457b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 15:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Apr 2021 15:06:21 GMT
server: Apache/2.4.29 (Ubuntu)
age: 6788
etag: "56ea8-5c131f46c9f93-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: FapepTH-n9CFvp8unewV1HhH00WMP4er1cGbLbrnazkC0JCELOB8hw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3d079b9cce69798289b226dd673eee4be33e7266675776c99a8a717c15d1ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "867 / 836 of 1000 / last-modified: 1620665529"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21174
x-xss-protection: 0
expires: Mon, 10 May 2021 17:00:21 GMT

GET
H/1.1 200
OK majorgeeks.gif
www.majorgeeks.com/images/logos/ 16 KB
16 KB 139ms
136ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/logos/majorgeeks.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:41 GMT
Last-Modified: Thu, 30 Dec 2004 13:36:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4081-3ec755e169900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16513

GET
H/1.1 200
OK click_here.gif
www.majorgeeks.com/images/ 1 KB
2 KB 166ms
136ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/click_here.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:41 GMT
Last-Modified: Wed, 08 May 2013 03:02:26 GMT
Server: Apache/2.4.10 (Debian)
ETag: "5c4-4dc2c29df1480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1476

GET
H/1.1 200
OK red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 1 KB
2 KB 311ms
144ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:41 GMT
Last-Modified: Wed, 08 May 2013 03:03:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "57a-4dc2c2dfbefc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1402

GET
H/1.1 200
OK asyncjs.php Show response
ra.majorgeeks.com/www/delivery/ 10 KB
10 KB 556ms
153ms Script
text/javascript 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/asyncjs.php
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:41 GMT
Server: Apache/2.4.10 (Debian)
P3P: CP="CUR ADM OUR NOR STA NID"
ETag: e1ae6e2743255c6dac1aff6e1e0dbfb4
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, max-age=3600
Connection: Keep-Alive
Expire: Mon, 10 May 2021 18:03:41 GMT
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 59ms
19ms Stylesheet
text/css 65.9.63.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 13:54:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 11177
ETag: W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: c8NXvJ43LvM7BHTHZLQMqpwy-s__aj1RWL9855YS6gc2rU-iW34enQ==

GET
H/1.1 200
OK advertisement.js Show response
www.majorgeeks.com/b/ 45 B
340 B 134ms
134ms Script
application/javascript 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/b/advertisement.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:40 GMT
Last-Modified: Sat, 29 Apr 2017 07:29:37 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2d-54e4926fdaee0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 45

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78026d98a6e86fa2dd6da3307e95177519f328ab7e9290ef9c6b1a2fab7cf4ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47880
x-xss-protection: 0
server: cafe
etag: 2511388319068989350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 May 2021 17:00:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 13:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13165
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 13:20:56 GMT

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 3 KB
3 KB 409ms
145ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=tasks
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Cookie: PHPSESSID=urktipk2qn33kdpveih1gscg37
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:41 GMT
Content-Disposition: attachment; filename="index.png"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 2808
Server: Apache/2.4.10 (Debian)
Content-Type: image/png

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 58ms
20ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 10 May 2021 17:00:21 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/ 3 KB
2 KB 45ms
15ms Script
application/javascript 2600:9000:2190:6c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb30289f9e4df7ea7a22714a51d911e790e76d3debdbd9139cc201028b0ca35a

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 16:59:36 GMT
content-encoding: gzip
etag: W/"d37205617210309f25de0d69ec6c2582"
last-modified: Wed, 10 Feb 2021 19:51:37 GMT
server: AmazonS3
age: 71
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ude5r0chjgxV-5M5MWRF6q8pK4jCLLHPLSnBTQDIo20IJZkVBiyTeQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 69ms
26ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

db75e23783bed199c14f86edfaf21dc221c6301014cad2249faa7b1344abe74b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "867 / 237 of 1000 / last-modified: 1620665529"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21171
x-xss-protection: 0
expires: Mon, 10 May 2021 17:00:21 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 49ms
16ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 05:09:09 GMT
content-encoding: gzip
server: Server
age: 42671
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id: Nsynv8GCp4Q4tAAUyy02nIpybDb6nOq1z6DlvidyjOEr7xfoCM_tZg==

GET
H2 200 me Show response
ipfind.co/ 360 B
462 B 589ms
220ms XHR
application/json 52.52.67.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.67.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-67-66.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 258531131d81a1ab0e0a73dc45044046701a122fcacdceae0944894016be3d38

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 238

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 3C53 48 KB
15 KB 84ms
68ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93f252ec58cb74551f6864238622de50eb34f010d278632bba210a749cfc0811

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: 3ZjXtREfZ1hovHK1nr7o4qTvsAeHTvj9kq0O36vJ6JG2OK8THHFT/dFBnT6NMeGLnoO7SgBJxUkpWKXzfWRxEg==
date: Mon, 10 May 2021 17:00:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2009
date: Mon, 10 May 2021 16:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 10 May 2021 18:26:52 GMT

GET
H2 200 pubads_impl_2021050601.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 28ms
27ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 08:40:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109330
x-xss-protection: 0
expires: Mon, 10 May 2021 17:00:21 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/ 224 KB
83 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6960825562757852&plah=www.majorgeeks.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cd6c951096f7a376ac4d67812d7c09a069452cba6c4fa4f0ea1f052c1fd0c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84600
x-xss-protection: 0
server: cafe
etag: 12591075211014417161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 10 May 2021 17:00:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/ Frame C921 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210505/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 09 May 2021 23:39:16 GMT
expires: Sun, 23 May 2021 23:39:16 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 62465
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 29ms
9ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 17 May 2021 17:00:21 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 278 KB
71 KB 29ms
28ms Script
text/javascript 2600:9000:2190:6c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.majorgeeks.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 10 May 2021 16:40:37 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 17:11:22 GMT
server: AmazonS3
age: 1185
etag: W/"814cf3c7bdd5dafb6ad642c1b52006c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZTaGgU3Z2ajGAMOiin9vbwOB_KyYnQVpxRvct8gfFMP2DDh0LI5aaQ==

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 81ms
26ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7104
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 543D 1 KB
1002 B 160ms
28ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=555831
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 51579ba35f311b96e2c434b70b79d5a7c096be88182c9c10c3eed1b3ff60a34a

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.majorgeeks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 10 May 2021 17:00:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 716
Access-Control-Allow-Origin: https://www.majorgeeks.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

POST
H/1.1 200
OK new-impression Show response
thisiswaldo.com/ 1 B
384 B 537ms
165ms XHR
text/html 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/new-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 10 May 2021 17:00:21 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/majorgeeks/ 3 KB
941 B 53ms
52ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-85-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
etag: -316279931--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=31, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 765

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1240171981&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fmicrosoft_expression_web%2C1.html%2520%2520Thanks!&ul=en-us&de=UTF-8&dt=Download%20Microsoft%20Expression%20Web%204.0.1460.0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=50831192&gjid=92104351&cid=1103933450.1620666021&tid=UA-956038-1&_gid=1857531254.1620666021&_r=1&_slc=1&z=771318799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 47ms
19ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 81224
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Sun, 09 May 2021 18:26:38 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ezIdYirWEzaD-4Uzzt-eHrlZ7bu_E5nvysQClX8a4V3Q4GkIX2_AKg==

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 2 B
345 B 61ms
24ms Script
application/javascript 2600:9000:2190:6200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 16:07:34 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
server: AmazonS3
age: 3166
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
content-length: 2
x-amz-cf-id: i4EaoQzwe2Xddr7TaMjUqPisJV9G0yTh2IxyBmVSwQTDBDqHETqz2A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-956038-1&cid=1103933450.1620666021&jid=50831192&gjid=92104351&_gid=1857531254.1620666021&_u=IEBAAEAAAAAAAC~&z=1931603178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 17:00:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 RsNJtvEL6i6.css
www.facebook.com/rsrc.php/v3/yu/l/0,cross/ Frame 3C53 27 KB
6 KB 15ms
7ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yu/l/0,cross/RsNJtvEL6i6.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b244ba5ce0a344e949e87c95f3218028f2d02c1fb3fb155de1872ab20c17e83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 20:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RVT/euozzI/aXeyQKmIX+g==
cross-origin-resource-policy: cross-origin
content-length: 6171
x-fb-rlafr: 0
x-fb-debug: zfVWrWhwfoZ7E2cj6cimJMsAlw5+fWXgvFGBANIggbOOyWjFGKzvSxl6lXpJkQKAzP5RczPmHXJCHBHi5vggbw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 May 2022 20:45:15 GMT

GET
H3-29 200 oZNXTRaOWjx.js Show response
www.facebook.com/rsrc.php/v3/yK/r/ Frame 3C53 292 KB
79 KB 20ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

589222eaa89338e39dcfdf25b7362e2af8a4298c40a24d157a9369d166162d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5GhlMOLbjSAoSwDbYAtSgw==
cross-origin-resource-policy: cross-origin
content-length: 81175
x-fb-rlafr: 0
x-fb-debug: 2LF0Q9128+eB/bUCW4qh4G+xiBiC+UjUI8MX0MFObgpw0Ak68UPKJeFToaECZqIH5kQiz00GtnfYo6gFDwf/yw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 May 2022 07:20:15 GMT

GET
H3-29 200 DUV2z6nTgU6.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame 3C53 63 KB
19 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/DUV2z6nTgU6.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ab77d8a35736b5f5c4a04be103d14226b2cd36c06150fb8ed8cc39d46caa31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 23:57:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WKBQdaPlu64R96rqlppOpg==
cross-origin-resource-policy: cross-origin
content-length: 19682
x-fb-rlafr: 0
x-fb-debug: jN0k0pVBAd6mKjSV3CKNjB7nMMIsB5cdAKXvennDMRVZ/XGfJpGbECnkHEXsSgmOHgHLHDTfr5YLGQDiegpTYg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 May 2022 23:57:11 GMT

GET
H3-29 200 __q9dxH6_x1.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yi/l/en_US/ Frame 3C53 128 KB
36 KB 20ms
13ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yi/l/en_US/__q9dxH6_x1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ec44b70aa20129513bc61eb4b86c1ca854b425cec7eda03f8652093374c0f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 05:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 96/585IxIDTBVc7RVxq/Yw==
cross-origin-resource-policy: cross-origin
content-length: 36441
x-fb-rlafr: 0
x-fb-debug: gouYEjPpLM+lTrA//mqrIkt9o/yJBIHbdVeT8D1ce0Mn+5JJzppyD2AhhkkPiMpN/0EZMPVgJ4DuP5J5LXvAhw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 May 2022 05:51:11 GMT

GET
H3-29 200 KMa6-js1idc.js Show response
www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/ Frame 3C53 33 KB
9 KB 20ms
13ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/KMa6-js1idc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BugT2GA+FK1ULXN+N8Xqsw==
cross-origin-resource-policy: cross-origin
content-length: 9028
x-fb-rlafr: 0
x-fb-debug: oCf8am26SszIaP4QJb1AOtztx6APbU1AWaomjgF3Gq1AIrwudPoCbKNi6/K7kw85yVIrNvkKc1RiV8MIFrOoMw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 May 2022 18:12:32 GMT

GET
H3-29 200 DF6UlUHZioW.js Show response
www.facebook.com/rsrc.php/v3/ya/r/ Frame 3C53 153 KB
45 KB 20ms
13ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ya/r/DF6UlUHZioW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14951e70ab348fa3aabb890d1fd55c0348eec89121ad6a5333f67d3fcbe146e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 22:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sE0cYCMmecy00VHmWGPlHg==
cross-origin-resource-policy: cross-origin
content-length: 46333
x-fb-rlafr: 0
x-fb-debug: IOgREA7rCBOPfceRp3mjdZSGHiF1PV4u0zaR/B3hjzBXPpAZzwE+ZcM/Lfc0Kr6wgLiNuC7Jxn0LdATcKmNFSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 May 2022 22:10:28 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame 3C53 5 KB
2 KB 21ms
13ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 22:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: ZcdNmF5hBYlrBuuIxROwhmsT2wxdWWU+VaUdR2Yc19xtbsOZQoQHveu7++6Ofq74DfQg84jJ5wVXMEyg/3/x6w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 May 2022 22:11:07 GMT

GET
H3-29 200 X0zaXtEr1Mw.js Show response
www.facebook.com/rsrc.php/v3/yT/r/ Frame 3C53 9 KB
2 KB 21ms
14ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yT/r/X0zaXtEr1Mw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 22:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5frdhaI2QBHURlNBgnqAfw==
cross-origin-resource-policy: cross-origin
content-length: 2493
x-fb-rlafr: 0
x-fb-debug: uTCgLE7iWIISDNsRQ9bLBBny0572YWqHjObUuRMVir7r1LEsFJcm1DzFQ7ecy/ASnZ9tPME70NdrDZo+gOBuqQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 May 2022 22:26:39 GMT

GET
H2 200 793745_549526268398330_1511905374_o.png
scontent-frx5-1.xx.fbcdn.net/v/t31.18172-1/cp0/p50x50/ Frame 3C53 4 KB
5 KB 21ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t31.18172-1/cp0/p50x50/793745_549526268398330_1511905374_o.png?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=ioj3VYLvlxgAX-aaJtT&_nc_ht=scontent-frx5-1.xx&tp=30&oh=285ee6fcbe628a9483c22c741598c62d&oe=60BFBAA9
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 64bf196f1f6e695daac5501103dcfc2d88864f9be4bcd8e5256bb8094479f835

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1377982173
date: Mon, 10 May 2021 17:00:21 GMT
x-fb-trip-id: 917726464
last-modified: Fri, 08 Feb 2013 14:07:18 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2139525755
x-fb-config-version-olb-prod: 1096
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4447

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 118 B
507 B 159ms
159ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fmicrosoft_expression_web%2C1.html%2520%2520Thanks!&pid=bb5xQ3c6f4CQw&cb=0&ws=1600x1200&v=7.64.00&t=2250&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks300x250FL_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FS_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_2%22%7D%5D&cfgv=0&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 7d98f53dfc8cad156f67623dd75bab5d83d75dbfe89acd2f47ea0ec18bf3d431

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-id: bD9EHAWFSjF4-5iBwOFwCQHfd_QgWSQABc0bPRGcANpmMzaj9k6TWA==

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 27ms
22ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 10 May 2021 17:00:21 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame ACC0 8 KB
3 KB 98ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=555831
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.adtelligent.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86884
Expires: Tue, 11 May 2021 17:08:25 GMT
Date: Mon, 10 May 2021 17:00:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set csync Show response
sync.adtelligent.com/ Frame E248
Redirect Chain

https://cs.admanmedia.com/sync/selectmedia?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310756%26extuid%3D%7B%24UID%7D
https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

43 B
508 B

529ms
378ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=555831
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Host: sync.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.adtelligent.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 10 May 2021 17:00:21 GMT
Content-Type: image/gif
Content-Length: 43
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=99b306e3145009ad; expires=Sun, 11 Jul 2021 17:00:22 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a310756=0c71ed9c9c68ee4f9bd9c101ca551552239b6451; expires=Sun, 11 Jul 2021 17:00:22 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

Server: nginx
Date: Mon, 10 May 2021 17:00:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=0c71ed9c9c68ee4f9bd9c101ca551552239b6451; path=/; domain=.admanmedia.com; expires=Tue, 10 May 2022 17:00:21 GMT; max-age=31536000 ;SameSite=None; Secure
Location: https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 48E4 2 KB
1 KB 29ms
29ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=563719
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=555831
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 964dcb8552e8038a469bd8f55982cafc9f8980ccc9fa357bd144dc9a142538f3

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.adtelligent.com/sync.html?aid=555831
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/sync.html?aid=555831

Response headers

Server: VertaMedia 1.0
Date: Mon, 10 May 2021 17:00:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 963
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3-29 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 3C53 62 KB
15 KB 146ms
145ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22117729275063662%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F%22%2C%22width%22%3A402%2C%22height%22%3A255%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fwww.majorgeeks.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwLBwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ew2Mo&__csr=&__req=1&__beoa=0&__pc=PHASED%3Aplugin_default_pkg&__hs=18757.PHASED%3Aplugin_default_pkg.2.0&__bhv=2&dpr=1&__ccg=EXCELLENT&__rev=1003760924&__s=%3A%3Apid5c9&__hsi=6960707558991134657&__comet_req=0&__sp=1

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yi/l/en_US/__q9dxH6_x1.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

835648ed7104d9b73272dac28182472e1c206eb14ff8cd1738c722d14308396d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: l0vtDdUQuM231TUPMkzJkk
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: HwGZz4LvEM1FtNnb/iUyP5FV20KWzETV+jjujuIpB/j3Z+HXrUV5pIa/4jo+4J8S2A2c1ZE5Lz29hdJKgM4wmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 May 2021 17:00:21 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 3C53 138 B
143 B 40ms
40ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yi/l/en_US/__q9dxH6_x1.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bda1ee5b0a3bb8ef319ea21b051ae78784846960cbca0f49ecefc4410572dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: l0vtDdUQuM231TUPMkzJkk
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: +ovjhYTIUWEJcyJ4OIbaWaK21wgwfo7JOggz1eNl0dDXmW/OGCkBRTbnmNDD0gHe+eA/2xaA6BsBWbk5htqQZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 May 2021 17:00:21 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame 47A6
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

75 B
345 B

398ms
150ms

Document
text/html

208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.adtelligent.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=CmUMKmCZZqYaf0ZAP96FAg==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 10 May 2021 17:00:21 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

server: nginx/1.16.1
date: Mon, 10 May 2021 17:00:22 GMT
content-type: text/html; charset=utf-8
content-length: 171
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
set-cookie: uid=CmUMKmCZZqYaf0ZAP96FAg==; expires=Tue, 10-May-22 17:00:22 GMT; domain=tynt.com; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 48E4
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99b306e3145009ad

35 B
232 B

363ms
32ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99b306e3145009ad
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:22 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99b306e3145009ad
Date: Mon, 10 May 2021 17:00:21 GMT
Server: VertaMedia 1.0
Content-Length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 48E4
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7990c4c6-cdfe-4795-ae10-0ea5b66c4351

43 B
504 B

1160ms
387ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7990c4c6-cdfe-4795-ae10-0ea5b66c4351
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:21 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7990c4c6-cdfe-4795-ae10-0ea5b66c4351
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 27mobf786cqnbcgorv791qva19ps45br

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 48E4
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a1866077a68932c8d549e921

43 B
492 B

1526ms
403ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a1866077a68932c8d549e921
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Mon, 10 May 2021 17:00:21 GMT
Server: nginx
Location: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a1866077a68932c8d549e921
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 48E4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3685982985366737415

43 B
487 B

1534ms
386ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3685982985366737415
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:21 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid: 813e2ac5-044a-4504-a02c-31bb19d6391d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3685982985366737415
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
ads.us.e-planning.net/uspd/1/ Frame 48E4
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

0
0

32ms
32ms

Image
text/html

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
date: Mon, 10 May 2021 17:00:21 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
content-type: text/html; charset=iso-8859-1
x-sid: AMS-606

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 48E4
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=d6c2a002-0156-4fae-88e8-51b95213335e

43 B
504 B

1203ms
407ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=d6c2a002-0156-4fae-88e8-51b95213335e
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=d6c2a002-0156-4fae-88e8-51b95213335e
date: Mon, 10 May 2021 17:00:21 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 48E4
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D312412%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=99b306e3145009ad

43 B
484 B

925ms
378ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=99b306e3145009ad
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=99b306e3145009ad
Date: Mon, 10 May 2021 17:00:21 GMT
Server: VertaMedia 1.0
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5085 38 KB
14 KB 32ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=80028
Expires: Tue, 11 May 2021 15:14:09 GMT
Date: Mon, 10 May 2021 17:00:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame C4D7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t

240 B
930 B

202ms
202ms

Document
text/html

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e515012c8286166432351fbb9226d5cfa996b695d0b881f59a7a0904756ce882

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.majorgeeks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A9RHVRnBukVGhxFRuRjXTKg|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/

Response headers

Server: Server
Date: Mon, 10 May 2021 17:00:22 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 193
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A9RHVRnBukVGhxFRuRjXTKg; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 17:00:21 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 17:00:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Mon, 10 May 2021 17:00:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t
Set-Cookie: ad-id=A9RHVRnBukVGhxFRuRjXTKg|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 17:00:21 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5085 8 KB
9 KB 131ms
33ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 103b6c07a72568f476848af5478b0837cb65e6a65e22015b8c0d118ae76c2742

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:21 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 9wahZxoE7c-.css
www.facebook.com/rsrc.php/v3/yC/l/0,cross/ Frame 3C53 21 KB
5 KB 7ms
7ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yC/l/0,cross/9wahZxoE7c-.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c57d72c0f660488cb3edd784ef0b7479114620fdbfa6d0edc3a6906d21b7136c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 17:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JBzTt09/QO1Rl8c3EGKxvw==
cross-origin-resource-policy: cross-origin
content-length: 5274
x-fb-rlafr: 0
x-fb-debug: 7cZSJYS9KfpYLiZhN/GLZNnlhZlj9oRqZyOxKcAII9PfbZuDqFerkQTWroUk/tHgoFfRvIz7MBWASrQKE8bq8A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 May 2022 17:01:15 GMT

GET
H2 200 VysPqLbH214.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 3C53 64 KB
17 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/VysPqLbH214.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83a29606c06f2eec31cab9b9292154f47a3041b2b2ce0bfeef4400c375c2cc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zajX/25oAfswS/URi0pd/g==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 16539
x-fb-rlafr: 0
x-fb-debug: dfbHAYDFx9hBUk8SUGuI47pRkCHKT79hzbX338FCBFCXFOdTstNn865N4yGancAlOgRJQMt98dFH5dRmJix8zQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 May 2022 03:35:43 GMT

GET
H3-29 200 UG5hFH3OnGZ.css
www.facebook.com/rsrc.php/v3/yw/l/0,cross/ Frame 3C53 36 KB
7 KB 8ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 18:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EdrE11NR23Bfi5e1q30Fuw==
cross-origin-resource-policy: cross-origin
content-length: 7078
x-fb-rlafr: 0
x-fb-debug: 5gwq8+/vl1F6ECFywmSaND/dF14ffjMs+JkOLL8/VG2oT4w4fMAXepZqOiRlr7y45pV0U2ZfBtvh2AtE2eMCYw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 May 2022 18:33:11 GMT

GET
H3-29 200 3gKIw20zpPx.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame 3C53 18 KB
6 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 08:07:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +WweuYtea66RPAEX0Vl2fg==
cross-origin-resource-policy: cross-origin
content-length: 5954
x-fb-rlafr: 0
x-fb-debug: 0L3ZcHAYrqgHknuhsXMJ3oR5JGbHmnJMlaWNIBEjdRJvAgKfycJihKTMYkttJ6O4dCg3kw/5p95ojpCmkphGGg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 May 2022 08:07:30 GMT

GET
H3-29 200 IOjyMINf4Rq.js Show response
www.facebook.com/rsrc.php/v3/y1/r/ Frame 3C53 38 KB
12 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y1/r/IOjyMINf4Rq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

897f17e04cb14409b14bdc52b5f57291a85c452efd13cd3804e280ac5887afd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 18:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: V9Xy/4wVa7aq4p2QjKI8rQ==
cross-origin-resource-policy: cross-origin
content-length: 11728
x-fb-rlafr: 0
x-fb-debug: N7BteWVe3ZBdSZ7+EReIG23gImfDzbJqrYOKo4Zd2rlCa2L0mAbgrLI2J8qoeQjN4eq/mbjG+4oGJaHMFu9cfA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 May 2022 18:14:23 GMT

GET
H3-29 200 jCjPXE50YBY.js Show response
www.facebook.com/rsrc.php/v3iEBX4/yv/l/en_US/ Frame 3C53 17 KB
5 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEBX4/yv/l/en_US/jCjPXE50YBY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a730a4e9d3d0612c3a6918e096c39c5697614b2792b98f503439fc09afd764a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 05:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: F42oAJV6dRouw2yCYHEOhA==
cross-origin-resource-policy: cross-origin
content-length: 5453
x-fb-rlafr: 0
x-fb-debug: Ab+61LGzBLFBnxeWSAGcrqAsuoybLJiv4A9iGSw4vIl1+s3G9oTKo8dFzDcBec7y38Ot1OSo5AsNRTa9SvmKVA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 May 2022 05:49:59 GMT

GET
H3-29 200 XQZLMKrgBCv.js Show response
www.facebook.com/rsrc.php/v3/yI/r/ Frame 3C53 19 KB
6 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yI/r/XQZLMKrgBCv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7366ddfa335cb2d01a2c0d5a21dd98913f176f8043bc10defcb3109f9ebd8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 20:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +6jn/o5dj6Re413xDGKMbQ==
cross-origin-resource-policy: cross-origin
content-length: 6326
x-fb-rlafr: 0
x-fb-debug: EDawM9OCAhv5SViSksJhYDEOa2m+rPdUde8rzurPhqOYh/ubqMo/gN8/JDNS0oKFFH5AVs++0lAZSCpHmLIZIg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 May 2022 20:50:51 GMT

GET
DATA 200
OK truncated
/ Frame 3C53 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3-29 200 184712177_5711752252175680_2390617911433458660_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s403x403/ Frame 3C53 27 KB
27 KB 25ms
16ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s403x403/184712177_5711752252175680_2390617911433458660_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=da1649&_nc_ohc=U7BP79sHHJQAX8bT-pG&_nc_ht=scontent-frx5-1.xx&tp=7&oh=d2e7943a33fd3584bcaf28f5863a85b5&oe=60C04DCA
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 89cbf205e943dc7f53c0936857783b5a8933be44cfda6ebcef53ea32614b530d

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1230396763
date: Mon, 10 May 2021 17:00:21 GMT
last-modified: Mon, 10 May 2021 16:00:38 GMT
content-length: 27606
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1385088939
x-fb-config-version-olb-prod: 1096
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 793745_549526268398330_1511905374_o.png
scontent-frx5-1.xx.fbcdn.net/v/t31.18172-1/cp0/p50x50/ Frame 3C53 4 KB
4 KB 26ms
17ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t31.18172-1/cp0/p50x50/793745_549526268398330_1511905374_o.png?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=ioj3VYLvlxgAX99hU7-&_nc_ht=scontent-frx5-1.xx&tp=30&oh=7bedfaff6c1c5f69ea457ee6b7bc7ddc&oe=60BFBAA9
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 64bf196f1f6e695daac5501103dcfc2d88864f9be4bcd8e5256bb8094479f835

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1377982173
date: Mon, 10 May 2021 17:00:21 GMT
last-modified: Fri, 08 Feb 2013 14:07:18 GMT
content-length: 4447
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2139525755
x-fb-config-version-olb-prod: 1096
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 185123342_5711494465534792_6167330902080557838_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.6435-0/p403x403/ Frame 3C53 43 KB
44 KB 43ms
6ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.6435-0/p403x403/185123342_5711494465534792_6167330902080557838_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=da1649&_nc_ohc=NKN5KUXrqUoAX_t3Qh3&_nc_ht=scontent-frt3-2.xx&tp=6&oh=8262ae89968f1a998b3a6f1c2e19fc78&oe=60BEF4E3
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5b5493fe387d1e5e24256bc4cbcab6ef80aa03c0a7bcdb7120425242c73d4df0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1406871305
date: Mon, 10 May 2021 17:00:21 GMT
x-fb-trip-id: 686109401
last-modified: Mon, 10 May 2021 15:00:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3928752223
x-fb-config-version-olb-prod: 1096
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44434

GET
H3-29 200 184344117_5711174592233446_7514688330343611411_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s403x403/ Frame 3C53 30 KB
30 KB 24ms
16ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s403x403/184344117_5711174592233446_7514688330343611411_n.jpg?_nc_cat=105&ccb=1-3&_nc_sid=da1649&_nc_ohc=RCDKDDVV65sAX_UpQIW&_nc_ht=scontent-frx5-1.xx&tp=7&oh=e83f196a1e05991d9d76194ce8c02975&oe=60BDF49F
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b2f87f9f1842ac3ac7c538ebae92128f79b10e59a00b8208e1769f7593a0009d

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2102472720
date: Mon, 10 May 2021 17:00:21 GMT
last-modified: Mon, 10 May 2021 13:45:21 GMT
content-length: 31114
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4130779895
x-fb-config-version-olb-prod: 1096
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 184516906_5710430305641208_1470078925997952858_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-9/ Frame 3C53 5 KB
5 KB 19ms
11ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-9/184516906_5710430305641208_1470078925997952858_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=da1649&_nc_ohc=NtO1fvdypu0AX-5eCgP&_nc_ht=scontent-frx5-1.xx&oh=ec646df0bbf9225a4608df3b16fecd4d&oe=60BF71BD
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 77b5e693452780b83fde1f7a2b7774da13c574449941900bc0dfa82a1614239c

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3303890819
date: Mon, 10 May 2021 17:00:21 GMT
last-modified: Mon, 10 May 2021 10:35:11 GMT
content-length: 5278
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1649781021
x-fb-config-version-olb-prod: 1096
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 183891064_5708944765789762_3938939841991925727_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s403x403/ Frame 3C53 16 KB
17 KB 18ms
11ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s403x403/183891064_5708944765789762_3938939841991925727_n.jpg?_nc_cat=105&ccb=1-3&_nc_sid=da1649&_nc_ohc=AjLPJXuiRW4AX_gxrpr&_nc_ht=scontent-frx5-1.xx&tp=7&oh=e1ec5c060d11c40d6cac428777a0e97e&oe=60BE2708
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7efd1977b84e2a68977c853796967c4c378aafed8f46f01141010e68d8119de7

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3708781783
date: Mon, 10 May 2021 17:00:21 GMT
last-modified: Mon, 10 May 2021 03:00:05 GMT
content-length: 16858
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1261570962
x-fb-config-version-olb-prod: 1096
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 6D1E 43 B
326 B 137ms
42ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Mon, 10 May 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1033
x-powered-by: ASP.NET
date: Mon, 10 May 2021 17:00:21 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 6E2F
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8153007806467024245

42 B
769 B

1087ms
31ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8153007806467024245
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:23 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-8153007806467024245; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:23 GMT; path=/ PugT=1620666023; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 17:00:23 GMT; path=/
X-lat: lhrpug018:0:582
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8153007806467024245
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3A22
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960707562229201045

42 B
771 B

373ms
32ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960707562229201045
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:22 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6960707562229201045; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:22 GMT; path=/ PugT=1620666022; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 17:00:22 GMT; path=/
X-lat: lhrpug019:0:385
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Mon, 10 May 2021 17:00:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6960707562229201045; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960707562229201045

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 093D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTWJrN0JNczBBQUMtTDZsMDBlZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAMbk7BMs0AAC-L6l00eg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAMbk7BMs0AAC-L6l00eg&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAMbk7BMs0AAC-L6l00eg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2717126934472711299
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAMbk7BMs0AAC-L6l00eg

42 B
773 B

670ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAMbk7BMs0AAC-L6l00eg
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35; KRTBCOOKIE_1101=23040-6960707562229201045; PugT=1620666022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a6f26099-66a6-4d00-b61e-cf0179d15850&KRTB&16736-uid:a6f26099-66a6-4d00-b61e-cf0179d15850&KRTB&23019-uid:a6f26099-66a6-4d00-b61e-cf0179d15850&KRTB&23114-uid:a6f26099-66a6-4d00-b61e-cf0179d15850; KRTBCOOKIE_391=22924-6211226300007048328&KRTB&23263-6211226300007048328
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:23 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_699=22727-AAAMbk7BMs0AAC-L6l00eg; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:23 GMT; path=/ PugT=1620666023; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 17:00:23 GMT; path=/
X-lat: lhrpug006:0:475
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Date: Mon, 10 May 2021 17:00:22 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAMbk7BMs0AAC-L6l00eg
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 4A6A 43 B
408 B 101ms
28ms Document
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-5
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3F8A
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
411 B

400ms
31ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-lat: lhrpug017:2:284
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Encoding: gzip

Redirect headers

set-cookie: viewer_token=6695c2ac-5f8a-4a06-95bb-6cd65ac047ed; path=/; domain=csync.loopme.me; Expires=Thu, 10-Jun-2021 17:00:22 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Mon, 10 May 2021 17:00:22 GMT
server: _

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3CA5
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3821109202
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3821109202
https://sync.1rx.io/usersync/tradedesk/4c9941e6-17e6-4d79-9da5-9454ed25d12d
https://sync.targeting.unrulymedia.com/csync/RX-b3684413-a443-4946-b29c-f371be5e4641-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3684413-a443-4946-b29c-f371be5e4641-003

42 B
849 B

33ms
32ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3684413-a443-4946-b29c-f371be5e4641-003
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35; KRTBCOOKIE_1101=23040-6960707562229201045; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a6f26099-66a6-4d00-b61e-cf0179d15850&KRTB&16736-uid:a6f26099-66a6-4d00-b61e-cf0179d15850&KRTB&23019-uid:a6f26099-66a6-4d00-b61e-cf0179d15850&KRTB&23114-uid:a6f26099-66a6-4d00-b61e-cf0179d15850; KRTBCOOKIE_391=22924-6211226300007048328&KRTB&23263-6211226300007048328; KRTBCOOKIE_377=6810-8ad2b37f-c03e-43f7-a512-098b1dd49a54&KRTB&22918-8ad2b37f-c03e-43f7-a512-098b1dd49a54&KRTB&23031-8ad2b37f-c03e-43f7-a512-098b1dd49a54; SPugT=1620666021; KRTBCOOKIE_22=14911-8478640477814303068; KRTBCOOKIE_1074=22956-e_68d9a555-56da-4711-8a07-0a265322aea3; KRTBCOOKIE_409=22966-4AeL6U7xzzQYdIb9zni8WyLc; PugT=1620666023; KRTBCOOKIE_336=5844-8153007806467024245; KRTBCOOKIE_57=22776-3685982985366737415; KRTBCOOKIE_699=22727-AAAMbk7BMs0AAC-L6l00eg; KRTBCOOKIE_80=16514-CAESEFU9-gB8XL51XOMjSdjVdig&KRTB&22987-CAESEFU9-gB8XL51XOMjSdjVdig&KRTB&23025-CAESEFU9-gB8XL51XOMjSdjVdig; KRTBCOOKIE_153=1923-EJaGORCQ3jYLlIhmQ5SSOEWXjGULltsxF58dKiTJ&KRTB&19420-EJaGORCQ3jYLlIhmQ5SSOEWXjGULltsxF58dKiTJ&KRTB&22979-EJaGORCQ3jYLlIhmQ5SSOEWXjGULltsxF58dKiTJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:23 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-b3684413-a443-4946-b29c-f371be5e4641-003&KRTB&17107-RX-b3684413-a443-4946-b29c-f371be5e4641-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 17:00:23 GMT; path=/ PugT=1620666023; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 17:00:23 GMT; path=/
X-lat: lhrpug011:0:651
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Mon, 10 May 2021 17:00:23 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-b3684413-a443-4946-b29c-f371be5e4641-003%22%7D; path=/; expires=Tue, 10 May 2022 17:00:23 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3684413-a443-4946-b29c-f371be5e4641-003
etag: RXb3684413a4434946b29cf371be5e4641003

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 02F6
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4AeL6U7xzzQYdIb9zni8WyLc

42 B
775 B

1149ms
31ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4AeL6U7xzzQYdIb9zni8WyLc
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:23 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-4AeL6U7xzzQYdIb9zni8WyLc; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:23 GMT; path=/ PugT=1620666023; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 17:00:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 17:00:23 GMT; path=/
X-lat: lhrpug013:0:348
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Mon, 10 May 2021 17:00:22 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=4AeL6U7xzzQYdIb9zni8WyLc; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4AeL6U7xzzQYdIb9zni8WyLc
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 94B3 42 B
992 B 60ms
28ms Document
image/gif 2606:4700:3039::6815:c036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c036 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 10 May 2021 17:00:22 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09f8d2105e0000978a5a304000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64d4b92d6857978a-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 8280
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
440 B

180ms
178ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aWnoeUujieUo7YxS4pw9b82aE41U6skDQF9M2PLB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 10 May 2021 17:00:22 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aonseFq0I1e9yNy6Qw6UUX4R3xI19MiYm3XElSjUGBTtvKVDmZb2UDEH8BcjAZcXhK9GKyJFQ2G6YBBC4DsLmW; path=/; domain=.tribalfusion.com; expires=Sun, 08-Aug-2021 17:00:22 GMT; SameSite=None; Secure; ANON_ID_old=aonseFq0I1e9yNy6Qw6UUX4R3xI19MiYm3XElSjUGBTtvKVDmZb2UDEH8BcjAZcXhK9GKyJFQ2G6YBBC4DsLmW; path=/; domain=.tribalfusion.com; expires=Sun, 08-Aug-2021 17:00:22 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 09f8d2111400002b9504049000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64d4b92e8b172b95-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 10 May 2021 17:00:22 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 819
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aWnoeUujieUo7YxS4pw9b82aE41U6skDQF9M2PLB; path=/; domain=.tribalfusion.com; expires=Sun, 08-Aug-2021 17:00:22 GMT; SameSite=None; Secure; ANON_ID_old=aWnoeUujieUo7YxS4pw9b82aE41U6skDQF9M2PLB; path=/; domain=.tribalfusion.com; expires=Sun, 08-Aug-2021 17:00:22 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 09f8d2105e00002b95ce2ae000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64d4b92d682a2b95-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame A9AD
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bk9kt9fdFkNS&pid=557219

1 B
464 B

197ms
33ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bk9kt9fdFkNS&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 17:00:22 GMT; path=/
X-lat: lhrpug017:0:1561
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-dxrrg
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=bk9kt9fdFkNS;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 05-May-2022 17:00:22 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=c730f73295ced5fc; path=/; HttpOnly; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bk9kt9fdFkNS&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame B39C 0
44 B 354ms
110ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36176163&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Mon, 10 May 2021 17:00:21 GMT
server: a

GET
H/1.1 200
OK Cookie set csync Show response
sync.adtelligent.com/ Frame 1CFB 43 B
511 B 578ms
379ms Document
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=306114&extuid=%20PM_UIDDA04396B-DEE6-481D-8CBC-1B2B16A632B4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Host: sync.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 10 May 2021 17:00:21 GMT
Content-Type: image/gif
Content-Length: 43
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=9d12e21738534478; expires=Sun, 11 Jul 2021 17:00:22 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a306114= PM_UIDDA04396B-DEE6-481D-8CBC-1B2B16A632B4; expires=Sun, 11 Jul 2021 17:00:22 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5085
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2gQ5a97mSB2MvBsrFqYytA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2gQ5a97mSB2MvBsrFqYytA%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

27ms
27ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=86883
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Tue, 11 May 2021 17:08:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5085 95 B
490 B 57ms
32ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64d4b92d788f2c36-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09f8d2106b00002c36e6a80000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 5085
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

42ms
42ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:19 GMT
frontend-id: 4
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:19 GMT
frontend-id: 5
location: /pubmatic/1/info2?sType=sync&sExtCookieId=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&addseg=31

7 B
147 B

1366ms
28ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:23 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Mon, 10 May 2021 17:00:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REEwNDM5NkItREVFNi00ODFELThDQkMtMUIyQjE2QTYzMkI0&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REEwNDM5NkItREVFNi00ODFELThDQkMtMUIyQjE2QTYzMkI0&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

1135ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:23 GMT
X-lat: lhrpug007:0:415
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFU9-gB8XL51XOMjSdjVdig&google_cver=1

42 B
856 B

1138ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFU9-gB8XL51XOMjSdjVdig&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:23 GMT
X-lat: lhrpug010:0:2908
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFU9-gB8XL51XOMjSdjVdig&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5085 43 B
610 B 80ms
24ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 09 May 2021 17:00:22 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8ad2b37f-c03e-43f7-a512-098b1dd49a54

42 B
882 B

436ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8ad2b37f-c03e-43f7-a512-098b1dd49a54
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
X-lat: lhrpug011:0:518
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8ad2b37f-c03e-43f7-a512-098b1dd49a54
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6211226300007048328

42 B
801 B

403ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6211226300007048328
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
X-lat: lhrpug010:0:428
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6211226300007048328
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a6f26099-66a6-4d00-b61e-cf0179d15850&gdpr=0&gdpr_consent=

42 B
946 B

414ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a6f26099-66a6-4d00-b61e-cf0179d15850&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
X-lat: lhrpug018:0:716
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Mon, 10 May 2021 16:59:49 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a6f26099-66a6-4d00-b61e-cf0179d15850&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 10 May 2021 16:59:48 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685982985366737415&gdpr=0&gdpr_consent=

42 B
769 B

1159ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685982985366737415&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:23 GMT
X-lat: lhrpug014:0:302
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:22 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid: 3586ea1d-52c3-4399-a9e3-2c2546f3ee91
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685982985366737415&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 DA04396B-DEE6-481D-8CBC-1B2B16A632B4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5085 43 B
839 B 101ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/DA04396B-DEE6-481D-8CBC-1B2B16A632B4?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-X9WP1R1E2uV18qCWilg4KM6DqygPiWU-~A&gdpr=0&gdpr_consent=

0
587 B

106ms
25ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-X9WP1R1E2uV18qCWilg4KM6DqygPiWU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Mon, 10 May 2021 17:00:21 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Mon, 10 May 2021 17:00:22 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-X9WP1R1E2uV18qCWilg4KM6DqygPiWU-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=887697ee-e416-4f9c-8ca2-6ee325bd3265&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_624e28f0-f93b-43f3-8ca7-b4e81b99e450&bsw_param=887697ee-e416-4f9c-8ca2-6ee325bd3265&expires=10
https://x.bidswitch.net/ul_cb/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_624e28f0-f93b-43f3-8ca7-b4e81b99e450&bsw_param=887697ee-e416-4f9c-8ca2-6ee325bd3265&expires=10
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3c73194d-7845-44b0-b312-1a55a834922d&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

33ms
32ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3c73194d-7845-44b0-b312-1a55a834922d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:24 GMT
X-lat: lhrpug001:0:534
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3c73194d-7845-44b0-b312-1a55a834922d&gdpr=&gdpr_consent=&gdpr_pd=
date: Mon, 10 May 2021 17:00:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EJaGORCQ3jYLlIhmQ5SSOEWXjGULltsxF58dKiTJ

42 B
894 B

1116ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EJaGORCQ3jYLlIhmQ5SSOEWXjGULltsxF58dKiTJ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:23 GMT
X-lat: lhrpug018:0:354
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EJaGORCQ3jYLlIhmQ5SSOEWXjGULltsxF58dKiTJ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8478640477814303068&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

54ms
33ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8478640477814303068&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
X-lat: lhrpug013:0:349
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8478640477814303068&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJlmpwAA4z6VqAA4&gdpr=0&gdpr_consent=&_test=YJlmpwAA4z6VqAA4

1 B
809 B

33ms
33ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJlmpwAA4z6VqAA4&gdpr=0&gdpr_consent=&_test=YJlmpwAA4z6VqAA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:23 GMT
X-lat: lhrpug004:0:613
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620666024.702047,VS0,VE0
x-served-by: cache-hhn4052-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJlmpwAA4z6VqAA4&gdpr=0&gdpr_consent=&_test=YJlmpwAA4z6VqAA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6f64a22c-2b2e-4f6e-bf80-a39a8d3c3534&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

42ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6f64a22c-2b2e-4f6e-bf80-a39a8d3c3534&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
X-lat: lhrpug003:0:768
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6f64a22c-2b2e-4f6e-bf80-a39a8d3c3534&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 10 May 2021 17:00:22 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 5085 0
103 B 14ms
12ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DA04396B-DEE6-481D-8CBC-1B2B16A632B4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:22 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f72fd932-cccb-462b-a6d6-8891e4be558d-609966a7-4348&gdpr=0&gdpr_consent=

42 B
800 B

32ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f72fd932-cccb-462b-a6d6-8891e4be558d-609966a7-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:24 GMT
X-lat: lhrpug001:0:619
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:23 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f72fd932-cccb-462b-a6d6-8891e4be558d-609966a7-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685982985366737415

42 B
505 B

32ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685982985366737415
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
X-lat: lhrpug017:0:319
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:22 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 28b92aaa-714c-462f-9054-c13b3280877e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685982985366737415
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_68d9a555-56da-4711-8a07-0a265322aea3

42 B
790 B

63ms
62ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_68d9a555-56da-4711-8a07-0a265322aea3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:00:22 GMT
X-lat: lhrpug017:0:409
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_68d9a555-56da-4711-8a07-0a265322aea3
date: Mon, 10 May 2021 17:00:22 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame 9BC1 842 B
768 B 47ms
44ms Document
text/html 52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_sovrn_pm-db5&fv=1.0&a=cm&cm3ppd=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e57411028ab63fba908bfc638af9dbafe67ffce28042e2d7c6e829b2aabc244e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A9RHVRnBukVGhxFRuRjXTKg; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv_sovrn&dcc=t

Response headers

Server: Server
Date: Mon, 10 May 2021 17:00:22 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 407
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H2 204 current
amazon-tam-match.dotomi.com/match/bounce/ Frame 1374 0
0 87ms
61ms Document
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_sovrn_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: amazon-tam-match.dotomi.com
:scheme: https
:path: /match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Mon, 10 May 2021 17:00:22 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache

GET
H/1.1 200
OK Cookie set amazon Show response
ap.lijit.com/beacon/ Frame AF8C 1 KB
1 KB 35ms
34ms Document
text/html 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_sovrn_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 1cc68c2d80850c3b98f865112d935b68cc173b0115bcaee907ce41d29ae115d4

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=a1866077a68932c8d549e921
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Mon, 10 May 2021 17:00:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJyrVjKxVLIyNDMytDA3NTMy0lEyM0Plm6LxDQ1Q%2BUbmEL6RuYGFkVEtAJsCEEw%3D;Path=/;Domain=.lijit.com;Expires=Tue, 10-May-2022 17:00:22 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=a1866077a68932c8d549e921;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E678 8 KB
3 KB 42ms
37ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_sovrn_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86883
Expires: Tue, 11 May 2021 17:08:25 GMT
Date: Mon, 10 May 2021 17:00:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame AF8C 43 B
344 B 49ms
48ms Image
image/gif 52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=a1866077a68932c8d549e921&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:22 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame AF8C 70 B
265 B 7415ms
52ms Image
image/gif 52.208.69.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.69.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-69-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 17:00:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame AF8C
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=a1866077a68932c8d549e921&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=577835373252
https://ce.lijit.com/merge?pid=66&3pid=577835373252&dnr=1

0
433 B

29ms
28ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=577835373252&dnr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:33 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:33 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=66&3pid=577835373252&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame AF8C
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3684413-a443-4946-b29c-f371be5e4641-003&rndcb=5999884115
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-b3684413-a443-4946-b29c-f371be5e4641-003&rndcb=5999884115
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=8f4cf854-31c9-4a85-92ee-36a425896c9a&google_hm=OGY0Y2Y4NTQtMzFjOS00YTg1LTkyZWUtMzZhNDI1ODk2...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAl2VEp2a2dcFENDaMxSmRk&google_cver=1&ssp=adconductor&bsw_param=8f4cf854-31c9-4a85-92ee-36a425896c9a
https://sync.1rx.io/usersync/bidswitch/887697ee-e416-4f9c-8ca2-6ee325bd3265?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-b3684413-a443-4946-b29c-f371be5e4641-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-b3684413-a443-4946-b29c-f371be5e4641-003
https://ce.lijit.com/merge?pid=56&3pid=RX-b3684413-a443-4946-b29c-f371be5e4641-003

43 B
1 KB

33ms
32ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=RX-b3684413-a443-4946-b29c-f371be5e4641-003
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=56&3pid=RX-b3684413-a443-4946-b29c-f371be5e4641-003
date: Mon, 10 May 2021 17:00:23 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb3684413a4434946b29cf371be5e4641003
content-type: text/html

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame AF8C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=Cg8vmvdqqjt2&ev=1&pid=558511&gdpr_consent=&gdpr=0

43 B
844 B

1091ms
31ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=Cg8vmvdqqjt2&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=Cg8vmvdqqjt2&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-4489t
expires: -1

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame AF8C
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=2159827870743803918
https://ce.lijit.com/merge?pid=10&3pid=2159827870743803918&dnr=1

0
433 B

34ms
33ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=2159827870743803918&dnr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 17:00:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=10&3pid=2159827870743803918&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BD7B 38 KB
14 KB 34ms
33ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=DA04396B-DEE6-481D-8CBC-1B2B16A632B4; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A220_21_166_22_230_189_13_56_7_88_55_161_3_165_54_8_81_99_71_204_234_176_231%7C1623196800%3A203%7C1621209600%3A67_15_223_2%7C1621468800%3A63%7C1621900800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=80027
Expires: Tue, 11 May 2021 15:14:09 GMT
Date: Mon, 10 May 2021 17:00:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 143.3d8bb49f121080f7c65c.js Show response
s7.addthis.com/static/ 625 B
644 B 23ms
22ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-271"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 10 May 2021 17:00:22 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 404

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ 2 KB
1010 B 23ms
22ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-688"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 10 May 2021 17:00:22 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

GET
H/1.1

200
OK

Web_Trial_en.exe
files1.majorgeeks.com/51cf74d8eca783f8e3dc11d28904a7fcb7af8ffd/office/
Redirect Chain

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=urktipk2qn33kdpveih1gscg37
https://files1.majorgeeks.com/51cf74d8eca783f8e3dc11d28904a7fcb7af8ffd/office/Web_Trial_en.exe

0
0

783ms
132ms

Document
application/x-msdos-program

23.111.189.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://files1.majorgeeks.com/51cf74d8eca783f8e3dc11d28904a7fcb7af8ffd/office/Web_Trial_en.exe
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 23.111.189.11 , United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software: lighttpd/1.4.35 /
Resource Hash

Request headers

Host: files1.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.majorgeeks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _ga=GA1.2.1103933450.1620666021; _gid=GA1.2.1857531254.1620666021; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!

Response headers

Content-Type: application/x-msdos-program
Accept-Ranges: bytes
ETag: "4280530287"
Last-Modified: Fri, 21 Dec 2012 02:37:33 GMT
Content-Length: 103542856
Date: Mon, 10 May 2021 17:11:52 GMT
Server: lighttpd/1.4.35

Redirect headers

Date: Mon, 10 May 2021 17:03:43 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: https://files1.majorgeeks.com/51cf74d8eca783f8e3dc11d28904a7fcb7af8ffd/office/Web_Trial_en.exe
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5085 0
418 B 128ms
32ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157288&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 15:53:05 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK fanclose.png
www.majorgeeks.com/images/ 6 KB
6 KB 141ms
140ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/fanclose.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
Connection: keep-alive
Referer: https://www.majorgeeks.com/mg/getmirror/microsoft_expression_web,1.html%20%20Thanks!
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 17:03:51 GMT
Last-Modified: Wed, 28 May 2014 03:41:52 GMT
Server: Apache/2.4.10 (Debian)
ETag: "18af-4fa6d97ccc000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6319

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 3C53 573 B
887 B 9ms
9ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/l/0,cross/RsNJtvEL6i6.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yu/l/0,cross/RsNJtvEL6i6.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ZnZiUKvlmlsy0Wj9fbOT4YCGgfQheQHC5TomoMcl9XW9dKhgxmJKp4Uh4IwOk9v8Gi7Vx6dtvy4fesmqFIewHQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Wed, 28 Apr 2021 18:33:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Thu, 28 Apr 2022 18:33:43 GMT

GET
H2 200 cQH7wcbHb6b.png
www.facebook.com/rsrc.php/v3/y8/r/ Frame 3C53 3 KB
3 KB 9ms
9ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y8/r/cQH7wcbHb6b.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yC/l/0,cross/9wahZxoE7c-.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yC/l/0,cross/9wahZxoE7c-.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: QOEDuKqDb0hk9mMxj9yVwas8Z+5vXAH7sZu6LAXpsg8JDNp82D25l8pKTq5kwVERk0dNmS2ue9Tk4D9WcxKX9A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: VrHQyF8wNkH5pOhUYwyBPQ==
date: Tue, 04 May 2021 03:50:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 3170
x-fb-rlafr: 0
expires: Wed, 04 May 2022 03:50:14 GMT

GET
H2 200 n-uOOobFC9i.png
www.facebook.com/rsrc.php/v3/y3/r/ Frame 3C53 3 KB
3 KB 7ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/n-uOOobFC9i.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/l/0,cross/RsNJtvEL6i6.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yu/l/0,cross/RsNJtvEL6i6.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: N2EVKGN4vwNiiYyoDnfPV5yKmOgdFYKlrPAlc7xCq8wSjBWIOHvLr2yl9GyXUmPZ4eyD5+kMVgh/itHHfMBapg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: FxoGPHP5kucUksTSZgXu4w==
date: Fri, 07 May 2021 22:12:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 3249
x-fb-rlafr: 0
expires: Sat, 07 May 2022 22:12:09 GMT

GET
H2 200 1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ Frame 3C53 79 B
199 B 9ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:00:31 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/png
access-control-expose-headers: X-FB-CEC-Video-Limit
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 79
expires: Mon, 10 May 2021 17:00:31 GMT

POST
H2 200 bz Show response
www.facebook.com/ajax/ Frame 3C53 0
940 B 35ms
34ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__beoa=0&__bhv=2&__ccg=EXCELLENT&__comet_req=0&__csr=&__dyn=7xe6HzE4e685KbwKBAobVod8d898nwgU6C7UW3q320-E7W0TUhwemE1tFEdEnwcG0KEswaq1xwEw7BKdwnU1hotw78wdK0D83mwaS0zE0I6&__hs=18757.PHASED%3Aplugin_default_pkg.2.0&__hsi=6960707558991134657&__pc=PHASED%3Aplugin_default_pkg&__req=3&__rev=1003760924&__s=%3A%3Apid5c9&__sp=1&__user=0&dpr=1&jazoest=21911&lsd=l0vtDdUQuM231TUPMkzJkk

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yi/l/en_US/__q9dxH6_x1.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryT8KLB2cLbh0uyyRA

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: Ofi1tNVFRdW3BujpNwTdOmsYnUBGHPgKErj202YU/ZsWgB7/hZ2m3edcHbDMNBi+bQ+DylJmELHprJgsxG6UHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 May 2021 17:00:32 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
access-control-expose-headers: X-FB-Debug, X-Loader-Length

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 29) Message: triggered on event listener
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.majorgeeks.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz(Line 56) Message: ErrorUtils caught an error: Cannot listen to an undefined element. [Caught in: Tried to listen to element of type click] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 28) Message: sending ad server request

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ajax.googleapis.com
amazon-tam-match.dotomi.com
ap.lijit.com
aud.pubmatic.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn-images.mailchimp.com
cdn.thisiswaldo.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
data.adsrvr.org
de.tynt.com
dis.criteo.com
dsp.adfarm1.adition.com
files1.majorgeeks.com
googleads.g.doubleclick.net
green.erne.co
ib.adnxs.com
ic.tynt.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipfind.co
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
quantcast.mgr.consensu.org
ra.majorgeeks.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.adtelligent.com
s.tribalfusion.com
s7.addthis.com
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
scontent.xx.fbcdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.trafmag.com
thisiswaldo.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
v1.addthisedge.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.majorgeeks.com
x.bidswitch.net
z.moatads.com
104.109.85.134
13.224.103.105
142.250.186.66
151.101.114.49
154.59.122.79
159.253.128.183
162.55.6.213
169.197.150.7
178.250.2.151
178.62.202.251
18.156.0.31
18.157.110.16
18.158.181.33
185.29.135.234
185.33.221.88
185.33.223.178
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.132
188.165.137.78
193.0.160.128
193.200.65.5
198.148.27.139
2.18.233.180
2.18.235.40
2001:678:cb4:bbbb::11
208.100.17.181
208.100.17.186
213.155.156.184
213.19.147.44
216.52.2.19
216.58.212.130
23.111.189.11
23.111.189.3
23.111.189.6
2600:9000:2190:6200:6:44e3:f8c0:93a1
2600:9000:2190:6c00:9:46dc:4700:93a1
2600:9000:2190:800:4:164e:ca00:93a1
2606:4700:10::6816:1957
2606:4700:3039::6815:c036
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:829::200e
2a00:1450:400c:c04::9c
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0c:5c81:5139::2
3.121.254.42
34.98.107.212
35.186.253.211
35.201.96.126
37.157.5.142
5.178.65.245
52.15.219.226
52.208.69.189
52.209.246.140
52.52.67.66
52.95.118.60
54.77.19.59
62.149.0.72
65.9.63.91
66.155.71.150
72.251.241.196
72.251.249.9
76.223.111.131
77.243.60.138
85.114.159.93
88.214.206.142
004b218b3e50faf50c41eb6de8c4ed74670559d2657e65378a4205566c0d388e
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699
095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705
103b6c07a72568f476848af5478b0837cb65e6a65e22015b8c0d118ae76c2742
14951e70ab348fa3aabb890d1fd55c0348eec89121ad6a5333f67d3fcbe146e9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ab77d8a35736b5f5c4a04be103d14226b2cd36c06150fb8ed8cc39d46caa31d
1cc68c2d80850c3b98f865112d935b68cc173b0115bcaee907ce41d29ae115d4
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
258531131d81a1ab0e0a73dc45044046701a122fcacdceae0944894016be3d38
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec44b70aa20129513bc61eb4b86c1ca854b425cec7eda03f8652093374c0f5b
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
51579ba35f311b96e2c434b70b79d5a7c096be88182c9c10c3eed1b3ff60a34a
589222eaa89338e39dcfdf25b7362e2af8a4298c40a24d157a9369d166162d8a
5b5493fe387d1e5e24256bc4cbcab6ef80aa03c0a7bcdb7120425242c73d4df0
5cd6c951096f7a376ac4d67812d7c09a069452cba6c4fa4f0ea1f052c1fd0c28
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
64bf196f1f6e695daac5501103dcfc2d88864f9be4bcd8e5256bb8094479f835
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bda1ee5b0a3bb8ef319ea21b051ae78784846960cbca0f49ecefc4410572dbb
72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
77b5e693452780b83fde1f7a2b7774da13c574449941900bc0dfa82a1614239c
78026d98a6e86fa2dd6da3307e95177519f328ab7e9290ef9c6b1a2fab7cf4ab
7d98f53dfc8cad156f67623dd75bab5d83d75dbfe89acd2f47ea0ec18bf3d431
7efd1977b84e2a68977c853796967c4c378aafed8f46f01141010e68d8119de7
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
835648ed7104d9b73272dac28182472e1c206eb14ff8cd1738c722d14308396d
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
83a29606c06f2eec31cab9b9292154f47a3041b2b2ce0bfeef4400c375c2cc22
897f17e04cb14409b14bdc52b5f57291a85c452efd13cd3804e280ac5887afd1
89cbf205e943dc7f53c0936857783b5a8933be44cfda6ebcef53ea32614b530d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eda946ae4429f4b970d21fbb8074988b98b18621200405b9c8df9c112bc457b
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
93f252ec58cb74551f6864238622de50eb34f010d278632bba210a749cfc0811
964dcb8552e8038a469bd8f55982cafc9f8980ccc9fa357bd144dc9a142538f3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3d079b9cce69798289b226dd673eee4be33e7266675776c99a8a717c15d1ecc
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a730a4e9d3d0612c3a6918e096c39c5697614b2792b98f503439fc09afd764a1
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b244ba5ce0a344e949e87c95f3218028f2d02c1fb3fb155de1872ab20c17e83f
b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156
b2f87f9f1842ac3ac7c538ebae92128f79b10e59a00b8208e1769f7593a0009d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c57d72c0f660488cb3edd784ef0b7479114620fdbfa6d0edc3a6906d21b7136c
c7366ddfa335cb2d01a2c0d5a21dd98913f176f8043bc10defcb3109f9ebd8fc
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db75e23783bed199c14f86edfaf21dc221c6301014cad2249faa7b1344abe74b
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e515012c8286166432351fbb9226d5cfa996b695d0b881f59a7a0904756ce882
e57411028ab63fba908bfc638af9dbafe67ffce28042e2d7c6e829b2aabc244e
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8
e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b
eb30289f9e4df7ea7a22714a51d911e790e76d3debdbd9139cc201028b0ca35a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

www.majorgeeks.com Open in urlscan Pro 23.111.189.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

130 Requests

100 %HTTPS

26 %IPv6

61 Domains

86 Subdomains

49 IPs

10 Countries

1349 kBTransfer

3824 kBSize

0 Cookies

7 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

100 %
HTTPS

26 %
IPv6

61
Domains

86
Subdomains

49
IPs

10
Countries

1349 kB
Transfer

3824 kB
Size

0
Cookies

130 HTTP transactions
1 data transactions