m.majorgeeks.com Open in urlscan Pro
23.111.189.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Submission: On August 06 via manual (August 6th 2021, 11:57:33 pm UTC) from US

Summary HTTP 76 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 76 HTTP transactions. The main IP is 23.111.189.6, located in Tampa, United States and belongs to . The main domain is m.majorgeeks.com.
TLS certificate: Issued by R3 on July 20th 2021. Valid for: 3 months.

This is the only time m.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	23.111.189.6 23.111.189.6	() ()
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	23.111.189.3 23.111.189.3	() ()
5	104.75.88.126 104.75.88.126	() ()
17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	23.111.189.11 23.111.189.11	() ()
76	17

6 23.111.189.6 (Tampa, United States) 1 redirects

ASN- ()
PTR: dev.majorgeeks.com

m.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.189.3 (Tampa, United States)

ASN- ()
PTR: majorgeeks.com

majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN- ()
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.189.11 (Tampa, United States)

ASN- ()
PTR: files1.majorgeeks.com

files1.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	344 KB
16	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	48 KB
10	majorgeeks.com 1 redirects m.majorgeeks.com majorgeeks.com www.majorgeeks.com files1.majorgeeks.com	66 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	65 KB
5	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	addthis.com s7.addthis.com	192 KB
3	googletagservices.com www.googletagservices.com	103 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.de adservice.google.de	975 B
1	addthisedge.com v1.addthisedge.com	941 B
1	moatads.com z.moatads.com	1 KB
1	googleapis.com fonts.googleapis.com	674 B
1	googleadservices.com partner.googleadservices.com	659 B
0	addnow.com Failed cdn.addnow.com Failed
76	14

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	m.majorgeeks.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	m.majorgeeks.com	1 redirects m.majorgeeks.com
4	s7.addthis.com	m.majorgeeks.com s7.addthis.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	m.majorgeeks.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.majorgeeks.com	m.majorgeeks.com
1	files1.majorgeeks.com	m.majorgeeks.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	majorgeeks.com	m.majorgeeks.com
0	cdn.addnow.com Failed	m.majorgeeks.com
76	21

This site contains links to these domains. Also see Links.

Domain
www.majorgeeks.com
www.contentteller.com
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.addthis.com

Subject Issuer	Validity	Valid
m.majorgeeks.com R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
majorgeeks.com R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
files1.majorgeeks.com R3	`2021-06-27` - `2021-09-25`	3 months	crt.sh

This page contains 9 frames:

Frame: https://files1.majorgeeks.com/ab1895524bc9b4a23d42b91bc313b6718230e851/monitoring/CrystalDiskInfo8_12_5.zip
Frame ID: B0713C355F93F428F5508016C3B566F3
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: 6EB86FCE97D4C228F12A224C6083C557
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=280&slotname=3385983927&adk=2469081132&adf=721852255&pi=t.ma~as.3385983927&w=1200&fwrn=4&fwrnh=100&lmt=1628294233&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294233885&bpp=17&bdt=477&idt=80&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=2019540940026&frm=20&pv=2&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=224&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jwodujwBqo&p=https%3A//m.majorgeeks.com&dtd=103
Frame ID: 1AB3F2FBC7AAF548C4707EB92939F440
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A57F69EE8D809B1C5F4C8033F9356DB1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
Frame ID: 0ADF3EC1D377FD2019EB85AA4A1023C4
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1628294234&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234424&bpp=1&bdt=1015&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x600&nras=1&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 87FFE310F02FBB89B993F3C90390C993
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
Frame ID: AF92E49E97FC0568D60F88138DD0EEE0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 47315BC13663B03A8FCE7FE45DB923B2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F26373A8F89333EDE86F09CE9B63EB74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

76
Requests

99 %
HTTPS

63 %
IPv6

14
Domains

21
Subdomains

17
IPs

3
Countries

842 kB
Transfer

2150 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.majorgeeks.com/files/details/crystaldiskinfo.html
Title: available as an installer

Search URL Search Domain Scan URL

URL: https://www.majorgeeks.com/files/details/majorgeeks_com_android_app.html/
Title: Like our content? Try our Andriod App!

Search URL Search Domain Scan URL

URL: http://www.contentteller.com/
Title: Contentteller® Business Edition

Search URL Search Domain Scan URL

URL: http://www.facebook.com/majorgeeksdotcom
Title: Follow on FacebookFacebook

Search URL Search Domain Scan URL

URL: https://twitter.com/majorgeeks
Title: Follow on TwitterTwitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UC9-wz8Md_X6V3BCihYW3jig?sub_confirmation=1
Title: Follow on YouTubeYouTube

Search URL Search Domain Scan URL

URL: http://instagram.com/majorgeeksdotcom
Title: Follow on InstagramInstagram

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 76

https://m.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=u0hodiv64qt1sp1j2egg154nc6 HTTP 302
https://files1.majorgeeks.com/ab1895524bc9b4a23d42b91bc313b6718230e851/monitoring/CrystalDiskInfo8_12_5.zip

76 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set crystaldiskinfo_portable,1.html Show response
m.majorgeeks.com/mg/getmirror/ 10 KB
4 KB 917ms
449ms Document
text/html 23.111.189.6

General

Check archive.org

Show headers Download Go to

Full URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN (),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 86fdda120080df3a681e952ab74e340b995cd9212c27a70c38f63756ba2df8b3

Request headers

Host: m.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:49 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=u0hodiv64qt1sp1j2egg154nc6; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3868
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.js Show response
m.majorgeeks.com/core/javaload/ 95 KB
33 KB 170ms
169ms Script
text/html 23.111.189.6

General

Check archive.org

Show headers Download Go to

Full URL: https://m.majorgeeks.com/core/javaload/jquery.js
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN (),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: m.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Cookie: PHPSESSID=u0hodiv64qt1sp1j2egg154nc6
Connection: keep-alive
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:50 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 33760

GET
H/1.1 200
OK index.php
m.majorgeeks.com/ 49 KB
5 KB 471ms
166ms Stylesheet
text/css 23.111.189.6

General

Check archive.org

Show headers Download Go to

Full URL: https://m.majorgeeks.com/index.php?ct=core&action=css&id=7
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN (),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: c121205720e4c04018b21fc8483cded3a517ff1efff7f8797edd2f17ef89d75e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: m.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Cookie: PHPSESSID=u0hodiv64qt1sp1j2egg154nc6
Connection: keep-alive
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:50 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 5218

GET
H/1.1 200
OK majorgeeks.gif
m.majorgeeks.com/images/logos/ 16 KB
16 KB 156ms
155ms Image
image/gif 23.111.189.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.majorgeeks.com/images/logos/majorgeeks.gif
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN (),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: m.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Cookie: PHPSESSID=u0hodiv64qt1sp1j2egg154nc6
Connection: keep-alive
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:50 GMT
Last-Modified: Thu, 30 Dec 2004 13:36:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4081-3ec755e169900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16513

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
49 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 12364812339251644168
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 23:57:13 GMT

GET
H/1.1 200
OK click_here.gif
majorgeeks.com/images/ 1 KB
2 KB 625ms
157ms Image
image/gif 23.111.189.3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://majorgeeks.com/images/click_here.gif
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN (),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:51 GMT
Last-Modified: Wed, 08 May 2013 03:02:26 GMT
Server: Apache/2.4.10 (Debian)
ETag: "5c4-4dc2c29df1480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1476

GET
H/1.1 200
OK red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 1 KB
2 KB 610ms
155ms Image
image/png 23.111.189.3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN (),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:51 GMT
Last-Modified: Wed, 08 May 2013 03:03:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "57a-4dc2c2dfbefc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1402

GET
H/1.1 200
OK advertisement.js Show response
www.majorgeeks.com/b/ 45 B
341 B 622ms
157ms Script
application/javascript 23.111.189.3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/b/advertisement.js
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN (),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:51 GMT
Last-Modified: Sat, 29 Apr 2017 07:29:37 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2d-54e4926fdaee0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 45

GET
H/1.1 200
OK index.php
m.majorgeeks.com/ 3 KB
3 KB 171ms
171ms Image
image/png 23.111.189.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.majorgeeks.com/index.php?ct=core&action=tasks
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN (),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: m.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Cookie: PHPSESSID=u0hodiv64qt1sp1j2egg154nc6
Connection: keep-alive
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 00:00:50 GMT
Content-Disposition: attachment; filename="index.png"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 2808
Server: Apache/2.4.10 (Debian)
Content-Type: image/png

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 147ms
56ms Script
application/javascript 104.75.88.126

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN (),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 06 Aug 2021 23:57:13 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame 6EB8 10 KB
5 KB 27ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.majorgeeks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 06 Aug 2021 19:31:05 GMT
expires: Fri, 20 Aug 2021 19:31:05 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 15968
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 250 KB
93 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6960825562757852&plah=m.majorgeeks.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 390643862346785813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 23:57:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
659 B 142ms
50ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=m.majorgeeks.com&callback=_gfp_s_&client=ca-pub-6960825562757852

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6960825562757852&plah=m.majorgeeks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2a5b450dd819a1f53d066390081d5a42b4d5031bd6ed246fad9e127beae0aa50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.majorgeeks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.majorgeeks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AB3 69 KB
23 KB 245ms
231ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=280&slotname=3385983927&adk=2469081132&adf=721852255&pi=t.ma~as.3385983927&w=1200&fwrn=4&fwrnh=100&lmt=1628294233&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294233885&bpp=17&bdt=477&idt=80&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=2019540940026&frm=20&pv=2&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=224&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jwodujwBqo&p=https%3A//m.majorgeeks.com&dtd=103

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7366a88c38fafb099af882193c0b3bbc1c239ad509337361384ad6babcb9af3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6960825562757852&output=html&h=280&slotname=3385983927&adk=2469081132&adf=721852255&pi=t.ma~as.3385983927&w=1200&fwrn=4&fwrnh=100&lmt=1628294233&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294233885&bpp=17&bdt=477&idt=80&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=2019540940026&frm=20&pv=2&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=224&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jwodujwBqo&p=https%3A//m.majorgeeks.com&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.majorgeeks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 23:57:14 GMT
server: cafe
content-length: 23835
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Aug-2021 00:12:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 23:57:14 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249289658065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28112
x-xss-protection: 0
expires: Fri, 06 Aug 2021 23:57:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1AB3 3 KB
674 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=280&slotname=3385983927&adk=2469081132&adf=721852255&pi=t.ma~as.3385983927&w=1200&fwrn=4&fwrnh=100&lmt=1628294233&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294233885&bpp=17&bdt=477&idt=80&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=2019540940026&frm=20&pv=2&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=224&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jwodujwBqo&p=https%3A//m.majorgeeks.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 22:46:36 GMT
server: ESF
date: Fri, 06 Aug 2021 23:57:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Aug 2021 23:57:14 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 1AB3 1 KB
936 B 32ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:54:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 1AB3 18 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:13:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 1AB3 2 KB
1 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:31:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1AB3 125 KB
38 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Fri, 06 Aug 2021 23:57:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 1AB3 14 KB
6 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:36:49 GMT

GET
H2 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame 1AB3 26 KB
11 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 20:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 Nov 2021 20:41:36 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1AB3 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTX5yWswNYep6jozuA7qWudgG67jYvmKovZqi0QzAjbcBEAEgh9-KAmCVAqABpZqE-wLIAQGpApVYfFm_QpE-qAMByAPDBKoEgQJP0LlfAmWbo8kIJBm2QUd6oMTcd9Z4KUr1-pgVR8rtoXQSnhsMg7zeZWY1vmfLsAQa7a5zh9scKWuha5W-jfXIhppX6MWqAfS7wNX4HAR0WpdoTCtVRELc2fy4EgCilqWny-8nRf78SFkxGN-ItUnXLH2AQL3WEuc3T-Ip9ucPlG9VuTfrQAqGLk0cIeHdQkxn5KVAuONsCAS2VUANQGsY5hhKcognhY4ZCXCOSppsXFPPSsEcEz8Az8UAECCEJnTcWqnzfUyGz5rS_6m494uyrv7Ql4yngRfVfBD8APZdt8TXB0nRLbeIJi5lOZEnlJ3p5dwShjLF2pVYXwQHKw9cm8AEpc7amK0DkgUECAQYAZIFBAgFGASgBmaAB8Pl-4QBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEMCgxQHSCAkIgOGAcBABGB-ACgHICwHYEwqIFAHQFQGAFwGyFxoKGAgAEhRwdWItNjk2MDgyNTU2Mjc1Nzg1Mg&sigh=VFqVI47IQko

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=280&slotname=3385983927&adk=2469081132&adf=721852255&pi=t.ma~as.3385983927&w=1200&fwrn=4&fwrnh=100&lmt=1628294233&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294233885&bpp=17&bdt=477&idt=80&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=2019540940026&frm=20&pv=2&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=224&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jwodujwBqo&p=https%3A//m.majorgeeks.com&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Aug 2021 23:57:14 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A57F 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=280&slotname=3385983927&adk=2469081132&adf=721852255&pi=t.ma~as.3385983927&w=1200&fwrn=4&fwrnh=100&lmt=1628294233&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294233885&bpp=17&bdt=477&idt=80&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=2019540940026&frm=20&pv=2&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=224&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jwodujwBqo&p=https%3A//m.majorgeeks.com&dtd=103
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=280&slotname=3385983927&adk=2469081132&adf=721852255&pi=t.ma~as.3385983927&w=1200&fwrn=4&fwrnh=100&lmt=1628294233&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294233885&bpp=17&bdt=477&idt=80&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=2019540940026&frm=20&pv=2&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=224&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jwodujwBqo&p=https%3A//m.majorgeeks.com&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 06 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A57F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlnOwBxo11mh-35n9Xradf4cjjcZvd5XsvUbuHONOw51ltWuN-XsBKmolVWp0k
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 23:57:14 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 07-Aug-2021 00:57:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 23:57:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 23:57:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1AB3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b734eb274c18470eaa282e0867dcb2eac3581511bf41be979b9f79ca995872c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1AB3 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 336896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 02:22:18 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1AB3 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 295852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:46:22 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.majorgeeks.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.majorgeeks.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0ADF 108 KB
19 KB 566ms
565ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d9821702f843edb310847369c4a5266186d99256afd69bc5df62a11681de7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlnOwBxo11mh-35n9Xradf4cjjcZvd5XsvUbuHONOw51ltWuN-XsBKmolVWp0k; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.majorgeeks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 23:57:14 GMT
server: cafe
content-length: 19528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET addnow.js
cdn.addnow.com/widget/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2613
date: Fri, 06 Aug 2021 23:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sat, 07 Aug 2021 01:13:41 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 191ms
63ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55429
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87FF 0
16 B 16ms
15ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1628294234&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234424&bpp=1&bdt=1015&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x600&nras=1&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1628294234&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234424&bpp=1&bdt=1015&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x600&nras=1&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlnOwBxo11mh-35n9Xradf4cjjcZvd5XsvUbuHONOw51ltWuN-XsBKmolVWp0k; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.majorgeeks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 23:57:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/majorgeeks/ 3 KB
941 B 63ms
62ms Script
application/javascript 104.75.88.126

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
etag: -316279931--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=54, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 765

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame AF92 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 15:28:43 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1149328350&t=pageview&_s=1&dl=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&ul=en-us&de=UTF-8&dt=Download%20CrystalDiskInfo%20Portable%208.12.5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=935478504&gjid=495534394&cid=1231962991.1628294234&tid=UA-956038-1&_gid=958274845.1628294234&_r=1&_slc=1&z=1880281839

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 23:57:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
461 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-956038-1&cid=1231962991.1628294234&jid=935478504&gjid=495534394&_gid=958274845.1628294234&_u=IAhAAEAAAAAAAC~&z=1132044242

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 Aug 2021 23:57:14 GMT
content-type: text/plain
access-control-allow-origin: https://m.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 53ms
53ms Script
application/javascript 104.75.88.126

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN (),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 06 Aug 2021 23:57:14 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame 0ADF 8 KB
3 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 20:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 17:10:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 Nov 2021 20:41:51 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 0ADF 1 KB
857 B 21ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:54:34 GMT

GET
H3-29 200 0c9fe3a50475b5255e6eb3a934d39f25.js Show response
www.gstatic.com/mysidia/ Frame 0ADF 18 KB
8 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0c9fe3a50475b5255e6eb3a934d39f25.js?tag=exit_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cc3e58d09b5697e5e2d801fe620f9a013a50a0acc8fb4ea0476fd241761b47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 21:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8041
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Nov 2021 21:58:17 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 0ADF 18 KB
7 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:13:26 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 0ADF 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:31:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ADF 125 KB
38 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:14 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Fri, 06 Aug 2021 23:57:14 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 0ADF 14 KB
6 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:36:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0ADF 0
0 33ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYeRxY_R4bG-C4mTn_VmnxM__ki7FQoDRZqiYEKNuHkQ9cRLxkXQ9Wl2SAIKE63pKkWEfw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13353026108026125647/ Frame 0ADF 17 KB
17 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13353026108026125647/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22d675890a4de3f927a46088e3bd7da3f272771f3352b9033fa119997cdf52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 06:55:39 GMT
x-content-type-options: nosniff
age: 320495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17153
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 16:42:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:55:39 GMT

GET
H3-29 200 2155158684056057539
tpc.googlesyndication.com/icore_images/ Frame 0ADF 18 KB
18 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/2155158684056057539

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e7e104efe88a8820fc0761aab17749aa4481cf7366c0de71663b45229fefe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 19:15:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 16:13:27 GMT
server: sffe
age: 448885
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18733
x-xss-protection: 0
expires: Mon, 01 Aug 2022 19:15:49 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13609449273625712793/ Frame 0ADF 9 KB
9 KB 20ms
18ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13609449273625712793/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aec2c8f08c9648716fe0285a2a92bc042f2dcaf2d62d170ac9249b280d2cad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 11:24:26 GMT
x-content-type-options: nosniff
age: 304368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8974
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 16:14:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 11:24:26 GMT

GET
H3-29 200 11870107652957533624
tpc.googlesyndication.com/icore_images/ Frame 0ADF 13 KB
13 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/11870107652957533624

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2adaad3b5a5a92d6d9649e123cc0f19a20aacd6bc012d4f943ffe5b1d9e8f7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 07:36:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 11 Jul 2021 15:29:44 GMT
server: sffe
age: 318019
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12981
x-xss-protection: 0
expires: Wed, 03 Aug 2022 07:36:55 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 0ADF 14 KB
14 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3f9e0eec5b585b86c19bc175b155922daf524f542bba4703c5d1675e0f01b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 06:53:28 GMT
x-content-type-options: nosniff
age: 320626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14771
x-xss-protection: 0
last-modified: Fri, 06 Mar 2020 14:22:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:53:28 GMT

GET
H3-29 200 7870048651918268355
tpc.googlesyndication.com/icore_images/ Frame 0ADF 14 KB
14 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/7870048651918268355

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87fc9702ebe8c2321d3195ab32a153f09cf10f3b5b9c6c8b26afc3978b06ae31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 05:12:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 12:48:02 GMT
server: sffe
age: 585894
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14796
x-xss-protection: 0
expires: Sun, 31 Jul 2022 05:12:20 GMT

GET
H3-29 200 5774165512583108417
tpc.googlesyndication.com/icore_images/ Frame 0ADF 21 KB
21 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/5774165512583108417

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f153dcc4467cf46aafb2698e804d85eb9f18d130b6c3a6ccf951357c272aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 14:14:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Oct 2020 16:52:08 GMT
server: sffe
age: 121354
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21085
x-xss-protection: 0
expires: Fri, 05 Aug 2022 14:14:40 GMT

GET
H3-29 200 5127495539701379208
tpc.googlesyndication.com/icore_images/ Frame 0ADF 18 KB
18 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/5127495539701379208

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f094c0bee244e5eb3237de62631959bac10af6d81ba7389fe5fa2907d196518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:39:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 17:43:01 GMT
server: sffe
age: 314263
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18085
x-xss-protection: 0
expires: Wed, 03 Aug 2022 08:39:31 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C49-DWswNYePMF8eOgAfA7LwIwPmWm2KH077b4Ara2R4QASCH34oCKAhglQKgAfOlsMkDyAEGqQLj5fKHNdtoPqgDAcgDAqoEigJP0AWuL4TcrbpToaMC8IB7EjfUU08ioWD0hLNtTHtwxPoo66ahDdKPnYo8MGC8YfZkK6PiAt2bnunTK5ojbcoRpHj0ZGhx4j46kbgUlbDOe09Y5odm0mWuxcCXzEYP8DIjmR2f3idlW9kE2bVbZAoYsrWqFkmv7adx62HM7pM359kGAtU_cYKNNmgw1fwg0K1ngHDYGFOBI9btFf_bOfJ4eYblg3o37ohPyXMof-t4cjISjwQOqI8atqrWtkNRB7B2t3llBTB4M5pOfDKHWJn1DWAtIuU3FoO0GNV4GQHsoEC9abT_VttJWqSBpO4OAOjL5WKoSWATW5P8RAI51VJaaE3dQDRE6pX5eMAE-b6y86gCiAXZod-jGJIFCggDEAEYAToCCAWSBQQIBBgBkgUECAUYBKAGN4AH9dnPNqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCa_GvSCAkIgOGAcBABGB-ACgHICwHCEwYY86WwyQPYEwKIFALQFQGAFwGyFxoKGAgAEhRwdWItNjk2MDgyNTU2Mjc1Nzg1Mg&sigh=Y_F0qWykoZg&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc6nXWswNYePMF8eOgAfA7LwIpdWdsQWN3MK6nwKmnq2NaxACIIffigIoCGCVAsgBAagDAcgDAqoE3wFP0P0eobnEHoNDfox__MR5ATreREM06mjox2oDKfBD_Pti7abp4eP6L_8NKGfyPqozKuHuRt-Ik-PEJ4xoZdZS6Hr-ZGJzuTQ2l6cSle3CexlI4J95wm2xysCKwUA-5jIOnROPxiMrBpJAnPZf8GZ2krapfkhOLE1gpmTHTK7yCjIFqtSXhwQK3mvsKwojEOxnNYbbmFGB1iDuFT_SzAR5cYbndoww7oBNPIUrfeN4h8QQiwQHX3kZtqrWQ7VSBrB2Q49mBTB4xmxNfDKHrW_2DWAvwhbp9DiC-CfAtoXmwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvxr0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY5NjA4MjU1NjI3NTc4NTI&sigh=4aotHLFbiKQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CITUBWswNYePMF8eOgAfA7LwIirnovGKlgJugvA2I2vSapCMQAyCH34oCKAhglQKgAd25wr0ByAEGqQIUA87MtruzPqgDAcgDAqoEhAJP0Br-u5nHlILhErJ_s8N3GTLJRk0ir3ipyb9vm8B5_fkq6-7vC9JlRs4RLGC4Yr9xK-GhQdGQm_TGKZotdZdcqHq2JmI5qjwriLwPla3TJgNJ7Y1hx2imyNqPzkEH-QIMhgCZyyRrUpAZxvNHfQuUU7YolEpuL7mrIfrVjsXhFzLl4zzU9wBi3bfnKwojmOUnNYZbmFOB1iDu1TbSzAR7eYTndow07ohPPIUpdeN4h8QViwwEX3kZtqrWQ7VTBrB3Q49mBTB4xmxNfDKHrW_2DWAt1xM0FoO07SN7GQHuQqZRZL-AY9tJWqSBpO4O7aE85WKoU2ANVIf_SgIYlzAya2Xal8AEw-SK6soDiAXn87qSL5IFCggDEAEYAToCCAWSBQQIBBgBkgUECAUYBKAGN4AHi8a9wgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvxr0ggJCIDhgHAQARgfgAoByAsBwhMGGN25wr0B2BMNiBQG0BUBmBYBgBcBshcaChgIABIUcHViLTY5NjA4MjU1NjI3NTc4NTI&sigh=q14UNdhjyug&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMOeqWswNYePMF8eOgAfA7LwIpdWdsQWN3MK6nwKmnq2NaxAEIIffigIoCGCVAsgBAagDAcgDAqoE3wFP0P0ep7nEHoNDfox__MR5ATreREM06mjox2oDKfBD_Pti7abp4eP6L_8NKGfyPqozKuHuRt-Ik-PEJ4xoZdZS6Hr-ZGJzuTQ2l6cSle3CexlI4J95wm2xysCKwUA-5jIOnROPxiMrBpJAnPZf8GZ2krapfkhOLE1gpmTHTK7yCjIFqtSXhwQK3mvsKwojEOxnNYbbmFGB1iDuFT_SzAR5cYbndoww7oBNPIUrfeN4h8QQiwQHX3kZtqrWQ7VSBrB2Q49mBTB4xmxNfDKHrW_2DWAvwhbp9DiC-CfAtoXmwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvxr0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY5NjA4MjU1NjI3NTc4NTI&sigh=zxlF47ZystY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C06wUWswNYePMF8eOgAfA7LwI_MXjwmGG7_fo9AyQndd5EAUgh9-KAigIYJUCoAHIsanNA8gBBqgDAcgDAqoEgQJP0H6ms5nBlILhErJ_s8N3GTLJRk0ir3ipyb9vm8B5_fkq6-7vC9JlRs4RLGC4Yr9xK-GhQdGQm_TGKZotdZdcqHq2JmI5qjwriLwPla3TJgNJ7Y1hx2imyNqPzkEH-QIMhgCZyyRrUpAZxvNHfQuUU7YolEpuL6SrIb-MlykR_NEECtdSde-JAmAZ3Qlr0KWSwwXbmFN0ICMuHD8nOgd7e4YSgI807oi6yoQjfeONccMRgwbzqXoZtqojtbdSBrGDtYxmBTCNMG9NfDJyW2z2DWDYIRA0FoNBGyB7GQMMpFRbEVeiZoDhZQHIpiMG-yRx0Paq-MhDHTUH3rw58a6BcMAE7dy3nqwDkgUECAQYAZIFBAgFGASgBjeAB-Tq4jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvxr0ggJCIDhgHAQARgfgAoByAsBwhMGGMixqc0D2BMMiBQF0BUBgBcBshcaChgIABIUcHViLTY5NjA4MjU1NjI3NTc4NTI&sigh=sRLuEgMVsV8&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0bWqWswNYePMF8eOgAfA7LwIpdWdsQWN3MK6nwKmnq2NaxAGIIffigIoCGCVAsgBAagDAcgDAqoE3wFP0P0epbnEHoNDfox__MR5ATreREM06mjox2oDKfBD_Pti7abp4eP6L_8NKGfyPqozKuHuRt-Ik-PEJ4xoZdZS6Hr-ZGJzuTQ2l6cSle3CexlI4J95wm2xysCKwUA-5jIOnROPxiMrBpJAnPZf8GZ2krapfkhOLE1gpmTHTK7yCjIFqtSXhwQK3mvsKwojEOxnNYbbmFGB1iDuFT_SzAR5cYbndoww7oBNPIUrfeN4h8QQiwQHX3kZtqrWQ7VSBrB2Q49mBTB4xmxNfDKHrW_2DWAvwhbp9DiC-CfAtoXmwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvxr0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY5NjA4MjU1NjI3NTc4NTI&sigh=GUibShqQPjY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq1LfWswNYePMF8eOgAfA7LwIpdWdsQWN3MK6nwKmnq2NaxAHIIffigIoCGCVAsgBAagDAcgDAqoE3wFP0P0epLnEHoNDfox__MR5ATreREM06mjox2oDKfBD_Pti7abp4eP6L_8NKGfyPqozKuHuRt-Ik-PEJ4xoZdZS6Hr-ZGJzuTQ2l6cSle3CexlI4J95wm2xysCKwUA-5jIOnROPxiMrBpJAnPZf8GZ2krapfkhOLE1gpmTHTK7yCjIFqtSXhwQK3mvsKwojEOxnNYbbmFGB1iDuFT_SzAR5cYbndoww7oBNPIUrfeN4h8QQiwQHX3kZtqrWQ7VSBrB2Q49mBTB4xmxNfDKHrW_2DWAvwhbp9DiC-CfAtoXmwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvxr0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY5NjA4MjU1NjI3NTc4NTI&sigh=TZLWAX4YOK0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ADF 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C59-yWswNYePMF8eOgAfA7LwIpdWdsQWN3MK6nwKmnq2NaxAIIIffigIoCGCVAsgBAagDAcgDAqoE3wFP0P0eq7nEHoNDfox__MR5ATreREM06mjox2oDKfBD_Pti7abp4eP6L_8NKGfyPqozKuHuRt-Ik-PEJ4xoZdZS6Hr-ZGJzuTQ2l6cSle3CexlI4J95wm2xysCKwUA-5jIOnROPxiMrBpJAnPZf8GZ2krapfkhOLE1gpmTHTK7yCjIFqtSXhwQK3mvsKwojEOxnNYbbmFGB1iDuFT_SzAR5cYbndoww7oBNPIUrfeN4h8QQiwQHX3kZtqrWQ7VSBrB2Q49mBTB4xmxNfDKHrW_2DWAvwhbp9DiC-CfAtoXmwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmvxr0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY5NjA4MjU1NjI3NTc4NTI&sigh=z8WDh3NUWyw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=600&slotname=8734542405&adk=109673399&adf=1104913908&pi=t.ma~as.8734542405&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1628294234&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fm.majorgeeks.com%2Fmg%2Fgetmirror%2Fcrystaldiskinfo_portable%2C1.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628294234365&bpp=1&bdt=957&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2019540940026&frm=20&pv=1&ga_vid=1231962991.1628294234&ga_sid=1628294234&ga_hid=1149328350&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=196&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9hAJq1dKy3T8zSz4G0O18DL18grDflSD5XBMq_GLVS7MTdnwbY3LWQJBQthcMaltyhO_zXIfnsH_U9&pvsid=3453059660191232&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rlefB0AZeA&p=https%3A//m.majorgeeks.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 23:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0ADF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7bfbebd5c937ea5f6944df20ff9c5ecc40e8502d82c176d4a820ee2bfaa464

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1AB3 42 B
64 B 55ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHiOwtE08j2uC_2g_g1z4UasnXV68Qn-Kd6GW8JbPZ8vUInG2y5NsvawPsaAamcUQeXu4MOYN74uqmmXZKhVSAL8MIPEFNLbPVoXEL5SkV-Qnu_GEt8JiL1MKYpA&sai=AMfl-YRVJZ0LRJnnZI90W8rxK9Qard-faPZKPg3Vx5u3jq1KMXq4ia70X7i003siGyg75aGGYsAgLYXIt2Xf&sig=Cg0ArKJSzMJew5FulRhgEAE&id=lidar2&mcvt=1000&p=64,224,344,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2469081132&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628294233993&rpt=485&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 23:57:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 143.3d8bb49f121080f7c65c.js Show response
s7.addthis.com/static/ 625 B
644 B 45ms
44ms Script
application/javascript 104.75.88.126

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN (),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-271"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 06 Aug 2021 23:57:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 404

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ 2 KB
1010 B 59ms
59ms Script
application/javascript 104.75.88.126

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN (),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-688"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 06 Aug 2021 23:57:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2414afd67cd05a12001ef9b4963a5d04b9bdab1d08ecb14568ede05d206d60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 23:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8584
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 23:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 06 Aug 2021 23:57:15 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4731 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.majorgeeks.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 06 Aug 2021 21:35:25 GMT
expires: Sat, 06 Aug 2022 21:35:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F263 783 B
532 B 15ms
15ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1fc0f788cd19379f03ec0a3a02f0cb411acf7e1b3b74513efc15fc4db4980931

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9Kk/hWGbmABD7L/ITh/6rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.majorgeeks.com/

Response headers

expires: Fri, 06 Aug 2021 23:57:15 GMT
date: Fri, 06 Aug 2021 23:57:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9Kk/hWGbmABD7L/ITh/6rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4731 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 15:28:43 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=3453059660191232&bg=!SkmlSQ3NAAals0SOpbM7ACkAdvg8Wl0ixBqppZ6kQ1cqK19zGk6kokqNa9MLs3RXgMcPL2GzNnR_QAIAAABkUgAAAAhoAQcKAQKAjjZJ0HyS4OwbSIERs77EqWCavAvLQ2mvm0-ku4T2P5gRKIP1WMY-FrdHTqRQIyr3N84UODEhyrwBZO9X8vQWRAOCpZpJqgcOp2Q8eX9IKPjgKqZUGJP-KoO61S2GxOBlC0NRRMIWK-znylis8SYS5YCXgRoNMm8Xpx0JKBPankYmsaxrQqmqU3sFQ6yoHWfrKB04H2PwU6mwaOkrM5mVlaU7dqkfPuXfexrvxLNI18yvxCZ44H5eOoYcGSE07RQ1XWvc5NB9l_FFZuMA9j9qa9Wvsvazx0VZS_jd5X9Z7qLxhN5YtoiegWAt3mv6AHrvp0HuqZRm4m89SL0i3drkbimZAni5AXMke_p98bjGShUyswYjFhmt3FJGP6QWzquIQUVTGUZuvAXG5M5qYPPW4262JYq6N-HKY8RIS6c4iFd6fnscSVP7Zyi5DdnccPUWzEEx3mx2IBTulIN2Pr7xor4Ha1Exa5vjzjKah1d7WoONvVq2Ld2swKnGcZz-1yrJ3e7VvFdjHtr4oQINmLiNu44f3By7ZKUYVoQvCmOO0CUk09PmOc4YkcmwOwsLrY4Ape2Oewq_EUxeTuXe6XR5nR39KmqbmsaubicGWGkDpi5ii_0P6kkmRFFxUSs-dPcRVigIt3jY-O5g8hrzbApAcQGrOi34imRNe2ZrC54cJfgD1wpi-_9OvjH9jBBwN7Rqxu-SfXVzEgfCgfcnGKN8bxYvug4XimJUtsZs4SI8bfg1JuodlygnbV_caFoazNmqXZgxPy9uKubcN-wLF1vrh9e3GWrl9gnZdmRF7RirWztcdvwZdhWoarYSK1B7KvLomklMhOIrgpnsEMY4ZeXcDg3K0RQG4R0xQTimZ31Q37kmGJiBzR89NrsiMkxai3wOuwDpznUVDlTRJRpF1qbAgs78UDRcCLlkHdlWEUzmA99rDP106eruh6QosIOQ9jo23z1IcPvmB5CKK5w75xIqsTrIFVCqhWnSX7ENCF4PPgjet63CDWW2kmYJHWkFFHO4INb3NJ36AI-GAkRVu66wuBDq1m9ttnfv3LJaUlYjZHRbicB71EOxb1CwWRAUvJxNZ5qzJ-suqc9mNtNcJlfDIZVUEqNX5VM8Sro3WFZul-C4W4wrLa7Oen4-lRON-T1msQSZ05xxk1lQYLeTE-TM-TSPRdRH1mfRuyQ1-w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 23:57:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0ADF 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhwyFd2l1c0hdBZJ1U64ZrUTRivdn4-GVKjigvdglySvdgydf7svmqC5SjfeIYVqM8akdF-3cEcieFrffSFmdr6AehOhKOcJjgyrZWUXzxfntWvwpj3Q&sai=AMfl-YRhTkv9lau1UGAiS_vlHL_O-sYtk99ut296ykPAYsW-9sPkcYHzUE6NJ8KjMADgSDEEany6iLAh1GA7fm6wPy3d5gdox9woWQI&sig=Cg0ArKJSzKmXMJBYEVloEAE&cid=CAASPeRoDIwjr-pSzbBfX6G_pU6SLgw8gu7-ZQ2_hpEJVKxmKbPUddBZyd1BOYEGRyAquu83VR51yFQ1qXI13_E&id=lidar2&mcvt=1000&p=477,197,765,491&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=109673399&rs=2&met=mue&la=1&cr=1&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628294234371&dlt=574&rpt=100&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 23:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

CrystalDiskInfo8_12_5.zip
files1.majorgeeks.com/ab1895524bc9b4a23d42b91bc313b6718230e851/monitoring/
Redirect Chain

https://m.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=u0hodiv64qt1sp1j2egg154nc6
https://files1.majorgeeks.com/ab1895524bc9b4a23d42b91bc313b6718230e851/monitoring/CrystalDiskInfo8_12_5.zip

0
0

746ms
152ms

Document
application/zip

23.111.189.11

General

Check archive.org

Show headers Download Go to

Full URL: https://files1.majorgeeks.com/ab1895524bc9b4a23d42b91bc313b6718230e851/monitoring/CrystalDiskInfo8_12_5.zip
Requested by: Host: m.majorgeeks.com
URL: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 23.111.189.11 Tampa, United States, ASN (),
Reverse DNS: files1.majorgeeks.com
Software: lighttpd/1.4.35 /
Resource Hash

Request headers

Host: files1.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://m.majorgeeks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _ga=GA1.2.1231962991.1628294234; _gid=GA1.2.958274845.1628294234; _gat=1; __gads=ID=9df2cca87c8d760b-2249ca9296c9006d:T=1628294234:RT=1628294234:S=ALNI_MZzDwLl6I11kD-YuOX9-y1qIx2_xw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.majorgeeks.com/mg/getmirror/crystaldiskinfo_portable,1.html

Response headers

Content-Type: application/zip
Accept-Ranges: bytes
ETag: "3274307963"
Last-Modified: Thu, 05 Aug 2021 13:45:12 GMT
Content-Length: 6724951
Date: Sat, 07 Aug 2021 00:09:53 GMT
Server: lighttpd/1.4.35

Redirect headers

Date: Sat, 07 Aug 2021 00:00:56 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: https://files1.majorgeeks.com/ab1895524bc9b4a23d42b91bc313b6718230e851/monitoring/CrystalDiskInfo8_12_5.zip
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.addnow.com
URL: https://cdn.addnow.com/widget/addnow.js

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:18:17	Name: DSID Value: NO_DATA
.majorgeeks.com/	1970-01-20 05:39:50	Name: __gads Value: ID=9df2cca87c8d760b-2249ca9296c9006d:T=1628294234:RT=1628294234:S=ALNI_MZzDwLl6I11kD-YuOX9-y1qIx2_xw
.majorgeeks.com/	1970-01-20 13:49:26	Name: _ga Value: GA1.2.1231962991.1628294234
.doubleclick.net/	1970-01-20 05:39:50	Name: IDE Value: AHWqTUlnOwBxo11mh-35n9Xradf4cjjcZvd5XsvUbuHONOw51ltWuN-XsBKmolVWp0k
m.majorgeeks.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: u0hodiv64qt1sp1j2egg154nc6
m.majorgeeks.com/	1970-01-19 20:18:16	Name: __atuvs Value: 610dcc5aee000b55000
.majorgeeks.com/	1970-01-19 20:19:40	Name: _gid Value: GA1.2.958274845.1628294234
.majorgeeks.com/	1970-01-19 20:18:14	Name: _gat Value: 1
m.majorgeeks.com/	1970-01-20 05:48:28	Name: __atuvc Value: 1%7C31

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.addnow.com
files1.majorgeeks.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.majorgeeks.com
majorgeeks.com
pagead2.googlesyndication.com
partner.googleadservices.com
s7.addthis.com
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.majorgeeks.com
z.moatads.com
cdn.addnow.com
104.75.88.126
142.250.186.66
2.18.235.40
23.111.189.11
23.111.189.3
23.111.189.6
2a00:1450:4001:800::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
09e7e104efe88a8820fc0761aab17749aa4481cf7366c0de71663b45229fefe4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aec2c8f08c9648716fe0285a2a92bc042f2dcaf2d62d170ac9249b280d2cad5
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1fc0f788cd19379f03ec0a3a02f0cb411acf7e1b3b74513efc15fc4db4980931
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
2a5b450dd819a1f53d066390081d5a42b4d5031bd6ed246fad9e127beae0aa50
2adaad3b5a5a92d6d9649e123cc0f19a20aacd6bc012d4f943ffe5b1d9e8f7ed
2cc3e58d09b5697e5e2d801fe620f9a013a50a0acc8fb4ea0476fd241761b47a
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7
3d9821702f843edb310847369c4a5266186d99256afd69bc5df62a11681de7a4
4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a7bfbebd5c937ea5f6944df20ff9c5ecc40e8502d82c176d4a820ee2bfaa464
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f094c0bee244e5eb3237de62631959bac10af6d81ba7389fe5fa2907d196518
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64
7366a88c38fafb099af882193c0b3bbc1c239ad509337361384ad6babcb9af3f
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
86fdda120080df3a681e952ab74e340b995cd9212c27a70c38f63756ba2df8b3
87fc9702ebe8c2321d3195ab32a153f09cf10f3b5b9c6c8b26afc3978b06ae31
9b3f9e0eec5b585b86c19bc175b155922daf524f542bba4703c5d1675e0f01b7
9b734eb274c18470eaa282e0867dcb2eac3581511bf41be979b9f79ca995872c
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
a1f153dcc4467cf46aafb2698e804d85eb9f18d130b6c3a6ccf951357c272aa7
a22d675890a4de3f927a46088e3bd7da3f272771f3352b9033fa119997cdf52d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c121205720e4c04018b21fc8483cded3a517ff1efff7f8797edd2f17ef89d75e
c2414afd67cd05a12001ef9b4963a5d04b9bdab1d08ecb14568ede05d206d60c
c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

m.majorgeeks.com Open in urlscan Pro 23.111.189.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

63 %IPv6

14 Domains

21 Subdomains

17 IPs

3 Countries

842 kBTransfer

2150 kBSize

9 Cookies

8 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.majorgeeks.com Open in urlscan Pro
23.111.189.6 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

63 %
IPv6

14
Domains

21
Subdomains

17
IPs

3
Countries

842 kB
Transfer

2150 kB
Size

9
Cookies

76 HTTP transactions
2 data transactions