www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Submission: On May 27 via api (May 27th 2021, 8:00:45 am UTC) from BE

Summary HTTP 193 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 64 IPs in 12 countries across 68 domains to perform 193 HTTP transactions. The main IP is 23.111.189.3, located in United States and belongs to HVC-AS, US. The main domain is www.majorgeeks.com.
TLS certificate: Issued by R3 on May 7th 2021. Valid for: 3 months.

This is the only time www.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	23.111.189.3 23.111.189.3	29802 (HVC-AS) (HVC-AS)
9	23.111.189.6 23.111.189.6	29802 (HVC-AS) (HVC-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:2600:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	13.226.152.108 13.226.152.108	16509 (AMAZON-02) (AMAZON-02)
1 1	104.17.3.11 104.17.3.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
1	2606:4700::68... 2606:4700::6812:778	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	104.117.198.191 104.117.198.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:21f... 2600:9000:21f3:3400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	13.226.158.204 13.226.158.204	16509 (AMAZON-02) (AMAZON-02)
1	52.52.210.165 52.52.210.165	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:a45c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	95.100.67.45 95.100.67.45	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:218... 2600:9000:2182:8e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
28	2600:9000:218... 2600:9000:2182:7e00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
2 9	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	208.100.17.182 208.100.17.182	32748 (STEADFAST) (STEADFAST)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2 2	52.58.236.252 52.58.236.252	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:400:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	193.122.174.27 193.122.174.27	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	146.0.227.107 146.0.227.107	20773 (GODADDY) (GODADDY)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
12	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	52.209.246.140 52.209.246.140	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	162.55.6.213 162.55.6.213	24940 (HETZNER-AS) (HETZNER-AS)
1	72.251.241.206 72.251.241.206	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 4	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
4 4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	87.98.228.78 87.98.228.78	16276 (OVH) (OVH)
6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	185.29.132.144 185.29.132.144	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	3.120.52.76 3.120.52.76	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	54.77.47.243 54.77.47.243	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
193	64

32 23.111.189.3 (United States)

ASN29802 (HVC-AS, US)
PTR: majorgeeks.com

www.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.111.189.6 (United States)

ASN29802 (HVC-AS, US)
PTR: dev.majorgeeks.com

ra.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2600:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.152.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-152-108.dus51.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.3.11 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cleverbridge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:778 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.117.198.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-198-191.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:3400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.210.165 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-210-165.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a45c (United States)

ASN13335 (CLOUDFLARENET, US)

track.flexlinkspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

majorgeekscom.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.67.45 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-45.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:8e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2600:9000:2182:7e00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.206.142 (United Kingdom) 2 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 62.149.0.72 (Ukraine) 2 redirects

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.182 (United States)

ASN32748 (STEADFAST, US)
PTR: ip182.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.246 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.236.252 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:400:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.89 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.216 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.107 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.168 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.209.246.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.213 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.228.78 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.144 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.236 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.52.76 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.47.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	majorgeeks.com www.majorgeeks.com ra.majorgeeks.com majorgeeks.com	267 KB
28	disquscdn.com c.disquscdn.com	567 KB
26	pubmatic.com 1 redirects ads.pubmatic.com image8.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com	36 KB
14	google.com 1 redirects apis.google.com www.google.com cse.google.com clients1.google.com accounts.google.com	446 KB
12	doubleclick.net 8 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	136 KB
11	adtelligent.com 2 redirects s.adtelligent.com sync.adtelligent.com	7 KB
7	disqus.com majorgeekscom.disqus.com disqus.com referrer.disqus.com	59 KB
6	adnxs.com 6 redirects ib.adnxs.com secure.adnxs.com	6 KB
6	facebook.net connect.facebook.net	229 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
4	aaxads.com c.aaxads.com l3.aaxads.com	101 KB
4	udmserve.net udmserve.net	8 KB
4	addthis.com s7.addthis.com	192 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	1rx.io 3 redirects sync.1rx.io	1 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	underdog.media bid.underdog.media	165 KB
3	quantcount.com rules.quantcount.com	1 KB
3	facebook.com www.facebook.com	266 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	767 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	961 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	360yield.com 2 redirects ad.360yield.com	654 B
2	e-planning.net 1 redirects ads.us.e-planning.net	308 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	openx.net 2 redirects rtb.openx.net	628 B
2	admanmedia.com 2 redirects cs.admanmedia.com	800 B
2	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	9 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	consensu.org quantcast.mgr.consensu.org	65 KB
2	gstatic.com www.gstatic.com ssl.gstatic.com	52 KB
2	thisiswaldo.com cdn.thisiswaldo.com thisiswaldo.com	103 KB
2	googlesyndication.com pagead2.googlesyndication.com	133 KB
1	gumgum.com 1 redirects rtb.gumgum.com	337 B
1	playground.xyz 1 redirects ads.playground.xyz	484 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	turn.com 1 redirects ad.turn.com	518 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	simpli.fi um.simpli.fi	609 B
1	onaudience.com 1 redirects pixel.onaudience.com	400 B
1	deepintent.com match.deepintent.com	44 B
1	contextweb.com 1 redirects bh.contextweb.com	462 B
1	ad4m.at ad4m.at	992 B
1	erne.co 1 redirects green.erne.co	326 B
1	unrulymedia.com sync.targeting.unrulymedia.com	395 B
1	adgrx.com cm.adgrx.com	408 B
1	loopme.me 1 redirects csync.loopme.me	212 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	304 B
1	de17a.com d5p.de17a.com	134 B
1	admixer.net 1 redirects inv-nets.admixer.net	472 B
1	technoratimedia.com sync.technoratimedia.com	297 B
1	trafmag.com t.trafmag.com	232 B
1	tynt.com ic.tynt.com
1	aaxdetect.com www.aaxdetect.com	323 B
1	addthisedge.com v1.addthisedge.com	941 B
1	moatads.com z.moatads.com	1 KB
1	flexlinkspro.com track.flexlinkspro.com	342 B
1	ipfind.co ipfind.co	442 B
1	cookiepro.com cookie-cdn.cookiepro.com	2 KB
1	cleverbridge.com 1 redirects www.cleverbridge.com	485 B
1	mailchimp.com cdn-images.mailchimp.com	1 KB
193	68

	Domain	Requested by
29	www.majorgeeks.com	www.majorgeeks.com
28	c.disquscdn.com	majorgeekscom.disqus.com disqus.com c.disquscdn.com www.majorgeeks.com
12	simage2.pubmatic.com	ads.pubmatic.com
9	sync.adtelligent.com	2 redirects s.adtelligent.com ads.pubmatic.com
9	ra.majorgeeks.com	www.majorgeeks.com ra.majorgeeks.com
8	cm.g.doubleclick.net	8 redirects
6	image2.pubmatic.com	ads.pubmatic.com
6	connect.facebook.net	www.majorgeeks.com connect.facebook.net c.disquscdn.com
6	www.google.com	1 redirects www.majorgeeks.com cse.google.com www.google.com
5	disqus.com	majorgeekscom.disqus.com c.disquscdn.com
4	match.adsrvr.org	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	c.amazon-adsystem.com	www.majorgeeks.com c.amazon-adsystem.com
4	udmserve.net	www.majorgeeks.com
4	s7.addthis.com	www.majorgeeks.com s7.addthis.com
3	x.bidswitch.net	3 redirects
3	sync.1rx.io	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	secure.adnxs.com	3 redirects
3	bid.underdog.media	udmserve.net bid.underdog.media
3	ib.adnxs.com	3 redirects
3	ads.pubmatic.com	s.adtelligent.com ads.pubmatic.com
3	rules.quantcount.com	secure.quantserve.com
3	www.facebook.com	www.majorgeeks.com connect.facebook.net c.disquscdn.com
3	majorgeeks.com	www.majorgeeks.com
3	apis.google.com	www.majorgeeks.com c.disquscdn.com apis.google.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	sync-tm.everesttech.net	2 redirects
2	a.volvelle.tech	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	image8.pubmatic.com	1 redirects www.majorgeeks.com
2	l3.aaxads.com	www.majorgeeks.com
2	ad.360yield.com	2 redirects
2	ads.us.e-planning.net	1 redirects s.adtelligent.com
2	ap.lijit.com	2 redirects
2	rtb.openx.net	2 redirects
2	cs.admanmedia.com	2 redirects
2	s.adtelligent.com	cdn.thisiswaldo.com s.adtelligent.com
2	www.google-analytics.com	www.majorgeeks.com www.google-analytics.com
2	cse.google.com	www.majorgeeks.com www.google.com
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
2	c.aaxads.com	www.majorgeeks.com
2	securepubads.g.doubleclick.net	www.majorgeeks.com securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com	www.majorgeeks.com pagead2.googlesyndication.com
1	referrer.disqus.com	www.majorgeeks.com
1	ssl.gstatic.com	accounts.google.com
1	rtb.gumgum.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	bh.contextweb.com	1 redirects
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	sync.targeting.unrulymedia.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	d5p.de17a.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	inv-nets.admixer.net	1 redirects
1	sync.technoratimedia.com	www.majorgeeks.com
1	t.trafmag.com	s.adtelligent.com
1	ic.tynt.com	s.adtelligent.com
1	clients1.google.com	www.majorgeeks.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.aaxdetect.com	www.majorgeeks.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	v1.addthisedge.com	s7.addthis.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	z.moatads.com	s7.addthis.com
1	majorgeekscom.disqus.com	www.majorgeeks.com
1	track.flexlinkspro.com	www.majorgeeks.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ipfind.co	cdn.thisiswaldo.com
1	cookie-cdn.cookiepro.com	www.majorgeeks.com
1	www.cleverbridge.com	1 redirects
1	cdn-images.mailchimp.com	www.majorgeeks.com
1	www.gstatic.com	www.majorgeeks.com
1	cdn.thisiswaldo.com	www.majorgeeks.com
193	93

This site contains links to these domains. Also see Links.

Domain
teespring.com
www.youtube.com
deals.majorgeeks.com
forums.majorgeeks.com
ra.majorgeeks.com
mac.majorgeeks.com
www.restoro.com
www.facebook.com
www.instagram.com
twitter.com
www.pinterest.com
newsblur.com
add.my.yahoo.com
www.symbaloo.com
majorgeeks.tradepub.com
chrome.google.com
iobit.com
track.flexlinkspro.com
www.contentteller.com
cookie-bar.eu
ico.org.uk
support.google.com
support.mozilla.org
windows.microsoft.com
help.opera.com
support.apple.com
instagram.com
www.addthis.com

Subject Issuer	Validity	Valid
majorgeeks.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
ra.majorgeeks.com R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2020-06-16` - `2021-06-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
udmserve.net DigiCert SHA2 High Assurance Server CA	`2019-07-15` - `2021-10-14`	2 years	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.aaxads.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
ipfind.co Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-04-07` - `2021-07-06`	3 months	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2020-09-22` - `2021-10-24`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.aaxdetect.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
sync.adtelligent.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
www.underdog.media DigiCert SHA2 High Assurance Server CA	`2019-07-16` - `2021-10-18`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Frame ID: CAA4157FD70C67AA45A7FA34763A3B74
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: 8890789A1C3C04169D45D1CA9436BCDE
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: B84F8EF995F54B92F712AF93A7CAA995
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=563719
Frame ID: 11807BFA9B25C9126AA2A0DC616B1EF9
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
Frame ID: 94EAD251A694184994091BEAFB0F3236
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d
Frame ID: 256CA2F4558546C77F5F1F7117074749
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
Frame ID: D87E42D71A95064E2E1D4E6A606D6595
Requests: 34 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 1B503ACB73BEC24005D7ED6D9F131A95
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 047B16C9339BCCE1875B43ACB95D25B9
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A
Frame ID: 0A987D7232322C75070D969EE576E9C1
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 9825945B78B977F9CB357466688E4661
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9CF85AD5C632A7862E2E6E71333C1C40
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6966876861845207180
Frame ID: 5203BC1AD8218910AE1F30D7D3BD1CA6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: B27D29802D581BE47D58D1627E46564A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: BF1722B26DF7BFFD220D765D2B6CB041
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D5ACDD871DEAA4FA4EAA961029BFC999
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-732e3368-1005-49db-b366-934083672026-003
Frame ID: D338CEBDA9EEE42AA2CEEFD8CB2408F1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ojDT4HRbvBYmtlEbanIhW4Bg
Frame ID: 626D201C3253EA5734A857640621DE2A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 83D3CEA8B83E399669B8BDE8675E0B0D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5h9jhCiJthZi&pid=557219
Frame ID: 0BC3DB34C4AC0D909228A3E7A5B93A4F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5E113F71B58F5CC46A1204896427ADF3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: D998046CF8CDD73F29C24CA512101516
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=306114&extuid=%20PM_UIDF9F4E904-E4F1-44F9-AA1D-30223AB6486A
Frame ID: 7BF39586767947714CC3FAC0A3C48E72
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 7451AA7E4FAD7BC1423972C77F992DAD
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 2C53F74B924185C0F12E21BB8B4A116B
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: B6E8A41C5B645957A3951995405D8B18
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

193
Requests

100 %
HTTPS

34 %
IPv6

68
Domains

93
Subdomains

64
IPs

12
Countries

2643 kB
Transfer

6315 kB
Size

6
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://teespring.com/stores/majorgeeks
Title: SWAG

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/majorgeeks
Title: YOUTUBE

Search URL Search Domain Scan URL

URL: https://deals.majorgeeks.com/
Title: DEALS!

Search URL Search Domain Scan URL

URL: https://forums.majorgeeks.com/
Title: FORUMS

Search URL Search Domain Scan URL

URL: https://ra.majorgeeks.com/www/delivery/ck.php?oaparams=2__bannerid=42__zoneid=8__cb=7d1139765e__oadest=http%3A%2F%2Fwww.restoro.com%2Fincludes%2Froute.php%3Ftracking%3DMajorgeeks%26banner%3DMGLP-728-uyrn%26lpx%3Duyrn

Search URL Search Domain Scan URL

URL: http://mac.majorgeeks.com/
Title: Macintosh

Search URL Search Domain Scan URL

URL: https://www.restoro.com/includes/route.php?tracking=Majorgeeks&banner=160&lpx=uyrn
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/majorgeeksdotcom/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/majorgeeksdotcom/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/majorgeeks
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/majorgeeks/
Title: Pintrest

Search URL Search Domain Scan URL

URL: https://newsblur.com/site/7341318/majorgeeks.comrss
Title: News Blur

Search URL Search Domain Scan URL

URL: http://add.my.yahoo.com/content?url=http://www.majorgeeks.com/files/rss
Title: Yahoo

Search URL Search Domain Scan URL

URL: https://www.symbaloo.com/mix/majorgeeks
Title: Symbaloo

Search URL Search Domain Scan URL

URL: https://forums.majorgeeks.com/showthread.php?t=35407
Title: Malware Removal

Search URL Search Domain Scan URL

URL: https://majorgeeks.tradepub.com/
Title: Free Magazines

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/major-geeks/oohhljmmpimagelffecaddlcannbknae
Title: Yahoo Extension(Beta)

Search URL Search Domain Scan URL

URL: http://iobit.com/
Title: IObit

Search URL Search Domain Scan URL

URL: https://www.restoro.com/includes/route.php?tracking=Majorgeeks&banner=newtext&lpx=uyrn
Title: Click Here to Repair or Restore Missing Windows Files

Search URL Search Domain Scan URL

URL: https://ra.majorgeeks.com/www/delivery/ck.php?oaparams=2__bannerid=89__zoneid=7__cb=2ebc1b6e92__oadest=https%3A%2F%2Ftrack.flexlinkspro.com%2Fg.ashx%3Ffoid%3D156074.5136.1071863%26trid%3D1049427.201227%26foc%3D16%26fot%3D9999%26fos%3D5

Search URL Search Domain Scan URL

URL: https://track.flexlinkspro.com/g.ashx?foid=156074.5136.1071863&trid=1049427.201227&foc=16&fot=9999&fos=5
Title: Spend Direct Deposit $75 Incentive

Search URL Search Domain Scan URL

URL: https://ra.majorgeeks.com/www/delivery/ck.php?oaparams=2__bannerid=52__zoneid=2__cb=6e3d1ad836__oadest=http%3A%2F%2Fwww.restoro.com%2Fincludes%2Froute.php%3Ftracking%3DMajorgeeks%26banner%3DMGLP-SC-uyrn%26lpx%3Duyrn

Search URL Search Domain Scan URL

URL: https://ra.majorgeeks.com/www/delivery/ck.php?oaparams=2__bannerid=42__zoneid=5__cb=5663cd4e4c__oadest=http%3A%2F%2Fwww.restoro.com%2Fincludes%2Froute.php%3Ftracking%3DMajorgeeks%26banner%3DMGLP-728-uyrn%26lpx%3Duyrn

Search URL Search Domain Scan URL

URL: http://www.contentteller.com/
Title: Contentteller® Business Edition

Search URL Search Domain Scan URL

URL: http://cookie-bar.eu/
Title: cookie bar

Search URL Search Domain Scan URL

URL: http://ico.org.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies
Title: Information Commissioner's Office

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts/answer/61416?hl=en
Title: Chrome

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-GB/kb/enable-and-disable-cookies-website-preferences
Title: Firefox

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: http://help.opera.com/Windows/10.00/en/cookies.html
Title: Opera

Search URL Search Domain Scan URL

URL: https://support.apple.com/kb/PH17191?viewlocale=en_GB
Title: Safari

Search URL Search Domain Scan URL

URL: http://www.facebook.com/majorgeeksdotcom
Title: Follow on FacebookFacebook

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UC9-wz8Md_X6V3BCihYW3jig?sub_confirmation=1
Title: Follow on YouTubeYouTube

Search URL Search Domain Scan URL

URL: http://instagram.com/majorgeeksdotcom
Title: Follow on InstagramInstagram

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google.com/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 26

https://www.cleverbridge.com/289/cookie?affiliate=1879&redirectto=http%3a%2f%2fmajorgeeks.com/images/icons/star.gif HTTP 302
https://majorgeeks.com/images/icons/star.gif

Request Chain 88

https://cs.admanmedia.com/sync/selectmedia?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310756%26extuid%3D%7B%24UID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d

Request Chain 96

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af5c59fe941a7d8a

Request Chain 97

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=62c8db06-6297-4c51-9e73-161529447b6c

Request Chain 98

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=40a1feff49cf3b85ef5b5224

Request Chain 99

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1183710237432283012

Request Chain 100

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 101

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c5af92a2-a133-4e27-81d7-c73fe92770af

Request Chain 102

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D312412%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=af5c59fe941a7d8a

Request Chain 106

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=1183710237432283012

Request Chain 107

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1

Request Chain 109

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;admix=b464414b532b4b5ebef1228a2d1bd833

Request Chain 110

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;acu=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d

Request Chain 124

https://c1.adform.net/serving/cookie/match?party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A

Request Chain 127

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6966876861845207180

Request Chain 128

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZWswN0JYcU1BQUM3elFCVjhTUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 129

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 131

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2788398634 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2788398634 HTTP 302
https://sync.1rx.io/usersync/tradedesk/0e489508-520c-4f74-bf91-9963e870dcfe HTTP 302
https://sync.1rx.io/usersync/tradedesk/0e489508-520c-4f74-bf91-9963e870dcfe?zcc=1&dspret=0&cb=1622102425488 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-732e3368-1005-49db-b366-934083672026-003

Request Chain 132

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ojDT4HRbvBYmtlEbanIhW4Bg

Request Chain 134

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5h9jhCiJthZi&pid=557219

Request Chain 135

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-fTpBOTxRPmqHTAiOrZIag%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-fTpBOTxRPmqHTAiOrZIag%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 139

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=178260af-5197-4300-8981-91d7bd587eee

Request Chain 140

https://pixel.onaudience.com/?partner=214&mapped=F9F4E904-E4F1-44F9-AA1D-30223AB6486A HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=dad4e1cadc2704f6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ae1cb6-fd97-4dd8-68eb-99ef63b60ab8&reqId=de630d39-55f1-430e-7158-996f03264448&zcluid=dad4e1cadc2704f6&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESECA_gQ8kZ-WuoawRYMSBA2I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ae1cb6-fd97-4dd8-68eb-99ef63b60ab8&reqId=de630d39-55f1-430e-7158-996f03264448&zcluid=dad4e1cadc2704f6&zdid=1332

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjlGNEU5MDQtRTRGMS00NEY5LUFBMUQtMzAyMjNBQjY0ODZB&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjlGNEU5MDQtRTRGMS00NEY5LUFBMUQtMzAyMjNBQjY0ODZB&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFF4N3A042JP-aJrfUMj-0&google_cver=1

Request Chain 144

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=285739401681074399

Request Chain 145

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b95c60af-5197-4700-adb0-ed800bdb1d46&gdpr=0&gdpr_consent=

Request Chain 146

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e489508-520c-4f74-bf91-9963e870dcfe

Request Chain 147

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1183710237432283012&gdpr=0&gdpr_consent=

Request Chain 149

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RZJmfAlE2uX1zSrAfm8.onLXi7FS_3Q-~A&gdpr=0&gdpr_consent=

Request Chain 150

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n2QeU5xlRg2ENUoAkGZSAchsTAOEbUsEnGZkjGTk

Request Chain 151

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=61734f35-9f7b-4269-99ea-2c21e564e843&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b569b3-645b-4807-a9a7-978dcda26ad1&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 152

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YK9RmAABS9ME2AAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YK9RmAABS9ME2AAC&gdpr=0&gdpr_consent=&_test=YK9RmAABS9ME2AAC

Request Chain 153

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a033bb95-9297-4e61-ae54-0cc9bb21d54e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 155

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4341733223626699622&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 156

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 157

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1183710237432283012

Request Chain 158

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_225bd63f-8b95-436e-addc-9a03baf75711

193 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set iobit_malware_fighter.html Show response
www.majorgeeks.com/files/details/ 37 KB
11 KB 695ms
219ms Document
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: dc50db1ce871f864abc7cbc4c790866577afe6e0145ccde42c8adaf06860d04c

Request headers

Host: www.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:44 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cookiebar-latest.js Show response
www.majorgeeks.com/cookiebar/ 11 KB
4 KB 475ms
163ms Script
application/javascript 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/cookiebar/cookiebar-latest.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 90f64f9b25a1f6625cf5fea852ef3b0e3bd895fd0f068229140eea237cb230ed

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 11:32:27 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2c21-5715888b1be60-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3269

GET
H/1.1 200
OK jquery.js Show response
www.majorgeeks.com/core/javaload/ 95 KB
33 KB 491ms
177ms Script
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/core/javaload/jquery.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 33760

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 47 KB
5 KB 178ms
176ms Stylesheet
text/css 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 4663

GET
H/1.1 200
OK all.min.css
www.majorgeeks.com/fa/css/ 58 KB
13 KB 344ms
163ms Stylesheet
text/css 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/fa/css/all.min.css
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Mar 2021 19:15:14 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e7d0-5bdac2f96f480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12869

GET
H/1.1 200
OK spcjs.php Show response
ra.majorgeeks.com/www/delivery/ 2 KB
1 KB 655ms
172ms Script
application/x-javascript 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/spcjs.php?id=1&target=_blank
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1d9ab789424bde850c38ee4de1baecb8fd607a6dc2bc8e290f0855b764556a38

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=5, max=100
Content-Length: 706
Expires: Fri, 28 May 2021 08:03:44 +0000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf97790c17eeaa7bad43fd976b5a96666e91fc07e94dc99259f01170a1b0432f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48330
x-xss-protection: 0
server: cafe
etag: 7601106620583993032
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 08:00:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 167ms
56ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

9ee381735bbfc3ee0873e073e594c1d5a41bf4b0ecbf3d0674251bea5b963441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "884 / 323 of 1000 / last-modified: 1622067017"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21490
x-xss-protection: 0
expires: Thu, 27 May 2021 08:00:22 GMT

GET
H2 200 4107.js Show response
cdn.thisiswaldo.com/static/js/ 349 KB
103 KB 58ms
30ms Script
application/javascript 2600:9000:21f3:2600:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/4107.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2600:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6f6d00a25c34779a72589e25e81044a7a154b8d628e5938af4f9145f065fe1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 18:12:52 GMT
server: Apache/2.4.29 (Ubuntu)
age: 48157
etag: "573de-5c3175ba785db-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 8yJR-VlWKHLs8Yw45cTQhNxkGj3m6KiLhGQi3WTMB05vlzJbd5LlzA==

GET
H/1.1 200
OK majorgeeks.gif
www.majorgeeks.com/images/logos/ 16 KB
16 KB 167ms
162ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/logos/majorgeeks.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Thu, 30 Dec 2004 13:36:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4081-3ec755e169900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16513

GET
H/1.1 200
OK buttons.js Show response
www.majorgeeks.com/jscripts/buttons/ 24 KB
9 KB 167ms
162ms Script
application/javascript 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/jscripts/buttons/buttons.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: ac6cea962fc5c9b104331f38097c31bc782e331285a8eb9b4a5f1e9e8a44b248

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jul 2015 01:51:39 GMT
Server: Apache/2.4.10 (Debian)
ETag: "6113-519eecbffc0c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9281

GET
H3-29 200 platform.js Show response
apis.google.com/js/ 54 KB
20 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xvaeaCTyAOdKIsbK84hQ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "a68431d28598ca094cc7a5b791b0415c"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-xvaeaCTyAOdKIsbK84hQ8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 27 May 2021 08:00:22 GMT

GET
H/1.1 200
OK search_light.gif
www.majorgeeks.com/images/ 592 B
876 B 168ms
164ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/search_light.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 41f61ace1fa1d217111ac0123c9ca8ead22792a6ab75a7ba0a7a8195a656a785

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 30 Jun 2010 19:16:16 GMT
Server: Apache/2.4.10 (Debian)
ETag: "250-48a4430160000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 592

GET
H3-29

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
14 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
age: 51124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
expires: Thu, 27 May 2021 17:48:17 GMT

Redirect headers

date: Thu, 27 May 2021 07:59:21 GMT
x-content-type-options: nosniff
server: sffe
age: 60
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Thu, 27 May 2021 08:29:21 GMT

GET
H/1.1 200
OK mg_files.png
www.majorgeeks.com/images/blocks/ 3 KB
3 KB 168ms
163ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/blocks/mg_files.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e165ee9ed8a5dd7afdd5c60cd5e3140bea0d1ede177f740e91cc8a645c1dc80f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Sun, 30 Jun 2013 16:57:03 GMT
Server: Apache/2.4.10 (Debian)
ETag: "c5c-4e062004855c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3164

GET
H/1.1 200
OK 160.png
majorgeeks.com/images/mg/ 21 KB
21 KB 773ms
173ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://majorgeeks.com/images/mg/160.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 75d780af3544a8850223c642a08d880a057db4198b22d85b03709fabb2fb3429

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 03 Feb 2021 22:21:24 GMT
Server: Apache/2.4.10 (Debian)
ETag: "54d6-5ba7601e9fb60"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21718

GET
H/1.1 200
OK mg_spread_the_word.png
www.majorgeeks.com/images/blocks/ 14 KB
14 KB 685ms
164ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/blocks/mg_spread_the_word.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2f5e59efe8e5c6f06d37bb378e9e6f0131a8fba874ea39b3b962b6dd556bc238

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 18 Apr 2018 17:57:27 GMT
Server: Apache/2.4.10 (Debian)
ETag: "377e-56a23301a8fc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 14206

GET
H/1.1 200
OK slim-081711.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 168ms
55ms Stylesheet
text/css 13.226.152.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/slim-081711.css
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.152.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-152-108.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca7f7f2f1530f32622fc0c76791f400659a18bf740f4ccf34be404d923a0f4fb

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 11:30:43 GMT
Content-Encoding: gzip
Age: 73796
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Aug 2011 20:36:36 GMT
Server: AmazonS3
ETag: W/"e52c5f8fc4367efbe2ae0a64f41ceb79"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-meta-s3fox-filesize: 1889
x-amz-meta-s3fox-modifiedtime: 1313613307000
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: j1aXfcOtNuuxjVekl4UE8Z1Y1DrwsKewu2WCXdRGmsJhhppmF5NT2g==

GET
H/1.1 200
OK mg_siteinfo.png
www.majorgeeks.com/images/blocks/ 4 KB
4 KB 687ms
165ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/blocks/mg_siteinfo.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 03112acd9c57a388e0b941fcf3039083be72bb2baf40ecf9674dec4b34979628

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Sun, 30 Jun 2013 16:57:06 GMT
Server: Apache/2.4.10 (Debian)
ETag: "e55-4e06200761c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3669

GET
H/1.1 200
OK mg_topdownloads.png
www.majorgeeks.com/images/blocks/ 6 KB
6 KB 204ms
160ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/blocks/mg_topdownloads.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0027841f92780e946fec18b796bdf47d838f2754bf088d070bee0d05af5cb352

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Sun, 30 Jun 2013 16:57:07 GMT
Server: Apache/2.4.10 (Debian)
ETag: "16ab-4e06200855ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5803

GET
H/1.1 200
OK ad160px.png
www.majorgeeks.com/images/mg/ 3 KB
4 KB 199ms
164ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/mg/ad160px.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 46810517680519658591802dcac9a58bcd1315a5ea1ba1d1a2dbffbbb94bb728

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Tue, 04 Oct 2016 16:56:09 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d70-53e0cefe75c40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3440

GET
H/1.1 200
OK mg_top_reads.png
www.majorgeeks.com/images/blocks/ 11 KB
12 KB 346ms
163ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/blocks/mg_top_reads.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 8666b36f5df02ac7d1f8b41beed4ad6b39b3492cd648a0d2f169bfb12b92a4fc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 18 Apr 2018 17:57:28 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2d9a-56a233029d200"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11674

GET
H/1.1 200
OK star.gif
www.majorgeeks.com/images/icons/ 934 B
1 KB 198ms
161ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/star.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 7cac8f930733b1871472e82a24ef8ebda4923f03cf116b742ff1e903bd3c9649

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Thu, 05 Apr 2012 02:49:16 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3a6-4bce595f16300"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 934

GET
H/1.1 200
OK om.jpg
majorgeeks.com/images/icons/ 2 KB
3 KB 918ms
160ms Image
image/jpeg 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://majorgeeks.com/images/icons/om.jpg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 677283e052e30681c33e46fdd8d07c52e94252de6a74e85ec8a3ae34deb89a3a

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:46 GMT
Last-Modified: Wed, 08 May 2013 03:03:30 GMT
Server: Apache/2.4.10 (Debian)
ETag: "8f8-4dc2c2dafa480"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2296

GET
H/1.1 200
OK red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 1 KB
2 KB 199ms
164ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 08 May 2013 03:03:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "57a-4dc2c2dfbefc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1402

GET
H/1.1 200
OK downloadnowtest3a.gif
www.majorgeeks.com/images/icons/ 5 KB
6 KB 346ms
163ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/downloadnowtest3a.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: d79c9dcc9b5cf47dcabcf51d9e0f17c7e9985bb0ece2706ca6aee8f0a3ba69f1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Sat, 07 Dec 2019 21:46:52 GMT
Server: Apache/2.4.10 (Debian)
ETag: "154e-5992419acaae0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5454

GET
H/1.1 200
OK arrowd.gif
www.majorgeeks.com/images/ 951 B
1 KB 360ms
160ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/arrowd.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4fd4f6fc29de939e9168f0777ab7718bfefe976ffa2543a3e5cac396615ff8ef

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 30 Jun 2010 20:36:22 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3b7-48a454e8bbd80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 951

GET
H/1.1

200
OK

star.gif
majorgeeks.com/images/icons/
Redirect Chain

https://www.cleverbridge.com/289/cookie?affiliate=1879&redirectto=http%3a%2f%2fmajorgeeks.com/images/icons/star.gif
https://majorgeeks.com/images/icons/star.gif

934 B
1 KB

315ms
162ms

Image
image/gif

23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://majorgeeks.com/images/icons/star.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 7cac8f930733b1871472e82a24ef8ebda4923f03cf116b742ff1e903bd3c9649

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Thu, 05 Apr 2012 02:49:16 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3a6-4bce595f16300"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 934

Redirect headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=utf-8
location: http://majorgeeks.com/images/icons/star.gif
cache-control: private
cf-ray: 655db58d9dea00b6-AMS
cf-request-id: 0a4e6fcc7f000000b644820000000001

GET
H/1.1 200
OK mg_zoom.gif
www.majorgeeks.com/images/ 1 KB
1 KB 472ms
159ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/mg_zoom.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 933fb1d08e2909b241e54b1e9f01da1e245b949656eb442c6338b59cd8cb6d0d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Sun, 15 Aug 2010 13:34:33 GMT
Server: Apache/2.4.10 (Debian)
ETag: "475-48ddcc6b64c40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1141

GET
H/1.1 200
OK lightbox.js Show response
www.majorgeeks.com/core/javaload/ 10 KB
3 KB 177ms
176ms Script
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/core/javaload/lightbox.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 8135c9d4c43dac0e1090d595ed76141fea6262cbe40ba5d585f253bc756f1c68

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 2619

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 6 KB
6 KB 338ms
176ms Image
image/jpeg 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=files&action=thumb&id=27272
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e11b9f0cb8b23239a86a352aa88bb8c919df0f1f099c65c4a0c47456ce027ff7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Disposition: attachment; filename="thumbnail_iobit malware fighter majorgeeks.jpg"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 5772
Server: Apache/2.4.10 (Debian)
Content-Type: image/jpeg

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 5 KB
5 KB 336ms
183ms Image
image/jpeg 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=files&action=thumb&id=27273
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 29c87969f14380f83f141fe0cd927e09178cf4d911ae959d0f15da0d045bd3ca

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Disposition: attachment; filename="thumbnail_iobit malware fighter majorgeeks2.jpg"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 4969
Server: Apache/2.4.10 (Debian)
Content-Type: image/jpeg

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 7 KB
7 KB 485ms
185ms Image
image/jpeg 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=files&action=thumb&id=27274
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 34be304d302041ded9c1a05a63b20fba66df7b38ad76e4bf18b3ad3440d272b4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Disposition: attachment; filename="thumbnail_iobit malware fighter majorgeeks3.jpg"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 6990
Server: Apache/2.4.10 (Debian)
Content-Type: image/jpeg

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 6 KB
6 KB 338ms
184ms Image
image/jpeg 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=files&action=thumb&id=27275
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1c2aa2f06e5988157ced8a192eb80882ee53b335349c019a43012b97969b1196

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Disposition: attachment; filename="thumbnail_iobit malware fighter majorgeeks4.jpg"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 5891
Server: Apache/2.4.10 (Debian)
Content-Type: image/jpeg

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 7 KB
7 KB 484ms
184ms Image
image/jpeg 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=files&action=thumb&id=27276
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 25e9ce5a31931b377a1abe5165627815059a58718c8ff77532ebc4c6e9a62982

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Disposition: attachment; filename="thumbnail_iobit malware fighter majorgeeks5.jpg"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 7235
Server: Apache/2.4.10 (Debian)
Content-Type: image/jpeg

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 3 KB
3 KB 175ms
175ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=tasks
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3; __atuvc=1%7C21; __atuvs=60af5196d03a5c44000; _ga=GA1.2.2083734590.1622102423; _gid=GA1.2.1327017161.1622102423; _gat=1; _fbp=fb.1.1622102422876.1887990243; aasd=1%7C1622102422919
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:46 GMT
Content-Disposition: attachment; filename="index.png"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 2808
Server: Apache/2.4.10 (Debian)
Content-Type: image/png

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 169ms
62ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 27 May 2021 08:00:22 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 40 KB
6 KB 805ms
207ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=16021;tid=1;dt=6;
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: 0e908169efe246fe309000e9b534eb9688d143d5274aa869c60820e183a5ba22

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:00:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H2 200 icon-do-not-sell.svg
cookie-cdn.cookiepro.com/ccpa-optout-solution/v1/assets/ 5 KB
2 KB 42ms
24ms Image
image/svg+xml 2606:4700::6812:778
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/ccpa-optout-solution/v1/assets/icon-do-not-sell.svg

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7ea3784d742eed74c3a432b05499d72262ca2e3a903def29cc4677319432b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4702
cf-request-id: 0a4e6fcbb500000eafa0336000000001
x-ms-lease-status: unlocked
last-modified: Tue, 12 Nov 2019 20:18:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: db30473d-f01e-0039-03ca-33c351000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 655db58c5d520eaf-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: xLK/U/cMOL7VdpRt7QRQy4F7yt5XjDjULcW63BBY6EfPzHlopy4Bwo5+qI2bLCC5RB1mIZ1hoIDu6oMlvp5JOA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 27 May 2021 08:00:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK spc.php Show response
ra.majorgeeks.com/www/delivery/ 7 KB
2 KB 190ms
190ms Script
application/x-javascript 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/spc.php?zones=9%7C8%7C7%7C1%7C2%7C3%7C4%7C5&source=&r=15019757&target=_blank&charset=UTF-8&loc=https%3A//www.majorgeeks.com/files/details/iobit_malware_fighter.html
Requested by: Host: ra.majorgeeks.com
URL: https://ra.majorgeeks.com/www/delivery/spcjs.php?id=1&target=_blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e9813007a17b0f1dc8a89199ccc72aff93ec1b1a6ab881d2a0bfc0757c6c340

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:03:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript; charset=UTF-8
Keep-Alive: timeout=5, max=99
Content-Length: 1257
Expires: 0

GET
H/1.1 200
OK fl.js Show response
ra.majorgeeks.com/www/delivery/ 5 KB
2 KB 353ms
162ms Script
application/javascript 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/fl.js
Requested by: Host: ra.majorgeeks.com
URL: https://ra.majorgeeks.com/www/delivery/spcjs.php?id=1&target=_blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Feb 2018 08:24:22 GMT
Server: Apache/2.4.10 (Debian)
ETag: "15d6-564af238c3980-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1858

GET
H2 200 aax.js Show response
c.aaxads.com/ 361 KB
100 KB 205ms
88ms Script
text/javascript 104.117.198.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXUUR32B&hst=www.majorgeeks.com&ver=1.2

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.198.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-117-198-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

755409f2b193a33dab1fd716eb88f3db8692214ca51a1b9ede08da343ffc8e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Thu, 27 May 2021 08:00:22 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Thu, 27 May 2021 08:30:22 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/ 3 KB
2 KB 10ms
8ms Script
application/javascript 2600:9000:21f3:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb30289f9e4df7ea7a22714a51d911e790e76d3debdbd9139cc201028b0ca35a

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 27 May 2021 07:59:35 GMT
content-encoding: br
last-modified: Wed, 10 Feb 2021 19:51:37 GMT
server: AmazonS3
age: 97
etag: W/"d37205617210309f25de0d69ec6c2582"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: EyCsm8YI8e7qKWFD5wbHrhjuVAB4o4QPpG5v9dmcvCMCU_SljCVrpw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 169ms
61ms Script
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 16:30:51 GMT
content-encoding: gzip
server: Server
age: 55770
etag: 6bda376aea84df42909484ff0d20f22a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: 7iV2kGh8hACCLQM7XX9BldZxc25jPH1q
x-amz-cf-id: m7x8i-PRnzQSgoPFn-HOq3ocscN0OAvI97oenuUsgB0cngGU1rQdqA==

GET
H2 200 me Show response
ipfind.co/ 326 B
442 B 685ms
267ms XHR
application/json 52.52.210.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.210.165 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-210-165.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a10a2389cb4de1b2b45305a698ba43c873a4a21a296740809590abde2c95f641

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 218

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7167af91b1403339ebd72fed59fb0b76df8c6d749b1fbac79b3770760411c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Zjvfyy3FNo4FCLbGNPR82A==
cross-origin-resource-policy: cross-origin
expires: Thu, 27 May 2021 08:09:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: q8+4kyNpbBd/YW80Bo6GBxAmySkbbDDNBALk/XMuN0MMTrza9jxNG++LbNj+jrOvEx/UvIwQwoCbVf0DUykoSw==
x-fb-content-md5: 5f61623dbe1ecd540af4859d2093b335
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 May 2021 08:00:22 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c53ce0058348a27e6d4a219e44079887"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK 076889e12e7677dec7cd916bde2eb8ef.png
ra.majorgeeks.com/www/images/ 11 KB
11 KB 165ms
164ms Image
image/png 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/images/076889e12e7677dec7cd916bde2eb8ef.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 24009217eb0450d37b206de1f216e6131c98e81ff92979cf3879dcb7ef7bed33

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 27 Feb 2019 00:42:13 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2b41-582d571dee800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11073

GET
H/1.1 200
OK lg.php
ra.majorgeeks.com/www/delivery/ 43 B
652 B 188ms
187ms Image
image/gif 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=42&campaignid=3&zoneid=8&OACBLOCK=86400&OASCCAP=3&loc=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&cb=7d1139765e
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:03:45 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 338204
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Mon, 23 May 2022 10:03:38 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 70ms
47ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-6960825562757852:6029691205

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

85401665325c245c211abdd6777bf10220ebf4765a8839d722e9af3d3a65986b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3490
x-xss-protection: 0
expires: Thu, 27 May 2021 08:00:22 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 232 KB
86 KB 47ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6960825562757852&plah=www.majorgeeks.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87658
x-xss-protection: 0
server: cafe
etag: 5316214545020586774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 08:00:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame 8890 10 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 26 May 2021 22:01:17 GMT
expires: Wed, 09 Jun 2021 22:01:17 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 35945
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 i.ashx
track.flexlinkspro.com/ 43 B
342 B 229ms
192ms Image
image/gif 2606:4700::6811:a45c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.flexlinkspro.com/i.ashx?foid=156074.5136.1071863&trid=1049427.201227&foc=16&fot=9999&fos=5
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a45c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 27 May 2021 07:59:48 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: public
cf-ray: 655db58cfee8d6f5-FRA
content-length: 43
cf-request-id: 0a4e6fcc200000d6f5bf217000000001

GET
H/1.1 200
OK lg.php
ra.majorgeeks.com/www/delivery/ 43 B
515 B 436ms
186ms Image
image/gif 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=89&campaignid=11&zoneid=7&loc=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&cb=2ebc1b6e92
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:03:45 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=95
Expires: 0

GET
H/1.1 200
OK d4db4f381cea0e53fae0dbbfa4dfba6d.png
ra.majorgeeks.com/www/images/ 36 KB
37 KB 413ms
167ms Image
image/png 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/images/d4db4f381cea0e53fae0dbbfa4dfba6d.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Last-Modified: Wed, 27 Feb 2019 19:03:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9150-582e4d2c8d220"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 37200

GET
H/1.1 200
OK lg.php
ra.majorgeeks.com/www/delivery/ 43 B
651 B 232ms
196ms Image
image/gif 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=52&campaignid=3&zoneid=2&OACBLOCK=86400&OASCCAP=3&loc=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&cb=6e3d1ad836
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:03:45 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H/1.1 200
OK lg.php
ra.majorgeeks.com/www/delivery/ 43 B
651 B 205ms
185ms Image
image/gif 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=42&campaignid=3&zoneid=5&OACBLOCK=86400&OASCCAP=3&loc=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&cb=5663cd4e4c
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:03:45 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=96
Expires: 0

GET
H/1.1 200
OK embed.js Show response
majorgeekscom.disqus.com/ 73 KB
24 KB 181ms
55ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://majorgeekscom.disqus.com/embed.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

4392d70695dfda19d4360c844523a40adf48a13d394d134915ef66d17fcedbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:22 GMT
Content-Encoding: gzip
Server: openresty
Age: 46
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24247

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 182ms
61ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55517
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5610
date: Thu, 27 May 2021 06:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 27 May 2021 08:26:52 GMT

GET
H/1.1 200
OK getcode.php Show response
www.majorgeeks.com/cookiebar/ 21 B
291 B 447ms
166ms XHR
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/cookiebar/getcode.php
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/cookiebar/cookiebar-latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: b8109670308a928f07d4470f7fd6bf1d696eb58550cd9801d75e7aad8925d26d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:45 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 41

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame B84F 1 KB
997 B 81ms
24ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=555831
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: dc935257a35a20527490ac266f61f529e5fbbaf58ef0adde233bf1a67e405909

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.majorgeeks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/

Response headers

Server: VertaMedia 1.0
Date: Thu, 27 May 2021 08:00:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 711
Access-Control-Allow-Origin: https://www.majorgeeks.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

POST
H/1.1 200
OK new-impression Show response
thisiswaldo.com/ 1 B
384 B 611ms
176ms XHR
text/html 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/new-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 27 May 2021 08:00:23 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/majorgeeks/ 3 KB
941 B 63ms
58ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
etag: -316279931--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=49, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 765

GET
H3-29 200 1902405440044233 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1902405440044233?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca57111ebd3e8be04bcf49a11f3b2afa2d9a457f744a4a72fb5bfb46f922a416

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74151
x-fb-rlafr: 0
pragma: public
x-fb-debug: mMmeO1hnHjm9tlA2DttIa0Y635fVcBv1vOXDd9+szzl0maOve9aGRlTM7U94QMIfvM/vYUHOiqq/EkJc+kYDgA==
x-frame-options: DENY
date: Thu, 27 May 2021 08:00:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 43ms
11ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 03 Jun 2021 08:00:22 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 234 KB
64 KB 19ms
18ms Script
text/javascript 2600:9000:21f3:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.majorgeeks.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:59:36 GMT
content-encoding: gzip
age: 46
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:03:54 GMT
server: AmazonS3
etag: W/"2848b39634e3b71d7b4f01531f83807a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ppLOG18nLbMJ-gIte4pkdYjAJrdUej1f1NjLDNpQbAbC5MpbBwhQWg==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 218 KB
64 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8ae5b14cfe6266cf7f20e0dee01d2539&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f775700ca680cecc4ff2df40ebaa47a607e4f770c76a1b4342b7b15497545daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.majorgeeks.com
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6FdGF9qOZCbXTtYGrbDv4A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65612
x-fb-rlafr: 0
x-fb-debug: A9cpJe+Orz7WiRdNOm10AmI/qFndmWIjnn3BRQ7IPWmYuiXAoxCPfC9nR4IXVlardFKr+7z40GGNUW+6I/Qa5A==
x-fb-content-md5: cc3431c1941bfe1b029f990a206cb1c2
x-frame-options: DENY
date: Thu, 27 May 2021 08:00:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "379a67e3528f12eab89c9a37894f7572"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 06:08:19 GMT

GET
H3-29 200 pubads_impl_2021052501.js Show response
securepubads.g.doubleclick.net/gpt/ 310 KB
109 KB 69ms
67ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111175
x-xss-protection: 0
expires: Thu, 27 May 2021 08:00:22 GMT

GET
H3-29 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
275 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6960825562757852:6029691205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:14:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 589562
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281073
x-xss-protection: 0
expires: Fri, 20 May 2022 12:14:20 GMT

GET
H3-29 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
41 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6960825562757852:6029691205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:14:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 589562
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41474
x-xss-protection: 0
expires: Fri, 20 May 2022 12:14:20 GMT

GET
H3-29 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6960825562757852:6029691205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 1607
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Thu, 27 May 2021 08:23:35 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1531741648&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&ul=en-us&de=UTF-8&dt=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=95130667&gjid=605493750&cid=2083734590.1622102423&tid=UA-956038-1&_gid=1327017161.1622102423&_r=1&_slc=1&z=1420259737

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
305 B 149ms
149ms XHR
text/plain 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=094e2c86-72d9-47d6-a647-d95ce39ad4c7&u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.majorgeeks.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: B_2eBti_FJ91qrzNsygNPNSAqIcZRZLeCSPyLqd9fPuV_RPlQojrbg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 162ms
58ms XHR
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:44:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 69352
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: MzGhRtRngAh7xEEqVtrVbc8sbBcD1IGTXVTROjzaqrIElaUVXYI6Cg==

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 20ms
19ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1902405440044233&ev=PageView&dl=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&rl=&if=false&ts=1622102422878&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622102422876.1887990243&it=1622102422668&coo=false&exp=l0&rqm=GET

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 27 May 2021 08:00:22 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 59ms
58ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 27 May 2021 08:00:22 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
205 B 53ms
52ms Image
image/gif 104.117.198.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.198.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-117-198-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=658310
accept-ranges: bytes
content-length: 43
expires: Thu, 03 Jun 2021 22:52:12 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 164ms
53ms Image
image/gif 95.100.67.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-45.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:23 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=715594
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 04 Jun 2021 14:46:57 GMT

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 2 B
344 B 38ms
10ms Script
application/javascript 2600:9000:2182:8e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:09:33 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
server: AmazonS3
age: 3049
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-C1
content-length: 2
x-amz-cf-id: kPRuoaMrAh7e_yQBW3GrZ0-H5lQFflEB34CNBE3B-NTA4F0iPUu1mQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-956038-1&cid=2083734590.1622102423&jid=95130667&gjid=605493750&_gid=1327017161.1622102423&_u=IEBAAEAAAAAAAC~&z=1036974136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 27 May 2021 08:00:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 92ms
88ms XHR
text/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&pid=i0mW5LRhQXEK3&cb=0&ws=1600x1200&v=7.65.00&t=2250&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks300x250FL_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FS_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_2%22%7D%5D&cfgv=0&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: bTj6JMUIjst7Tuo0l1DoZKnQfH-fxux8QGgKv_1syGhCgWKdRNsIzg==

GET
H2 200 lounge.66d90a567df61ef2f1d6862d5e000e49.css
c.disquscdn.com/next/embed/styles/ 0
25 KB 37ms
10ms Other
text/css 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css

Requested by

Host: majorgeekscom.disqus.com
URL: https://majorgeekscom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211092
x-cache: Hit from cloudfront
content-length: 25305
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-62d9"
content-type: text/css; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:11 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: eRvgQovv9Qg9OYbYQ5U5oapvy7voJPIprbrdXbYrA-YGuXoKjmHziw==
x-cache-hits: 0

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/ 0
93 KB 37ms
11ms Other
application/javascript 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: majorgeekscom.disqus.com
URL: https://majorgeekscom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 10:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1976630
x-cache: Hit from cloudfront
content-length: 94786
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-17242"
content-type: application/javascript; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Wed, 04 May 2022 10:56:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: UD8YmjWqgaei3YAlZcR-uDRoE47Vgf-_PLU1CY0vas_j974RUnt37g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js
c.disquscdn.com/next/embed/ 0
118 KB 37ms
11ms Other
application/javascript 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js

Requested by

Host: majorgeekscom.disqus.com
URL: https://majorgeekscom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211092
x-cache: Hit from cloudfront
content-length: 119834
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-1d41a"
content-type: application/javascript; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:11 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: SXs-Ww-rvhngBk3WlIcQw-dseMJ0lpAyvJl3kJdK0k-2C_HDl3YhIA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 154ms
49ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: majorgeekscom.disqus.com
URL: https://majorgeekscom.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:23 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 48
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11848
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 1180 2 KB
1 KB 26ms
24ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=563719
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=555831
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 964dcb8552e8038a469bd8f55982cafc9f8980ccc9fa357bd144dc9a142538f3

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.adtelligent.com/sync.html?aid=555831
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/sync.html?aid=555831

Response headers

Server: VertaMedia 1.0
Date: Thu, 27 May 2021 08:00:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 963
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 94EA 8 KB
3 KB 289ms
55ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=555831
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.adtelligent.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

last-modified: Wed, 21 Oct 2020 18:57:29 GMT
etag: "1300708-1f78-5b232eb4914bb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2654
content-type: text/html; charset=UTF-8
cache-control: max-age=156136
expires: Sat, 29 May 2021 03:22:39 GMT
date: Thu, 27 May 2021 08:00:23 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set csync Show response
sync.adtelligent.com/ Frame 256C
Redirect Chain

https://cs.admanmedia.com/sync/selectmedia?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310756%26extuid%3D%7B%24UID%7D
https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d

86 B
551 B

398ms
382ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=555831
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.adtelligent.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

Server: VertaMedia 1.0
Date: Thu, 27 May 2021 08:00:23 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=af5c59fe941a7d8a; expires=Wed, 28 Jul 2021 08:00:23 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a310756=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d; expires=Wed, 28 Jul 2021 08:00:23 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

Server: nginx
Date: Thu, 27 May 2021 08:00:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d; path=/; domain=.admanmedia.com; expires=Fri, 27 May 2022 08:00:23 GMT; max-age=31536000 ;SameSite=None; Secure
Location: https://sync.adtelligent.com/csync?t=a&ep=310756&extuid=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d

GET
H3-29 200 async-ads.js Show response
cse.google.com/adsense/search/ 180 KB
62 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec994bc577b39bf0926807b16f4ed65437b7c3bc96b7e6cc6e83e81da1486f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "9047794089193213864"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 27 May 2021 08:00:23 GMT

GET
H3-29 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 02:03:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 21440
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Fri, 27 May 2022 02:03:03 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
182 B 33ms
10ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK cookiebar.css
www.majorgeeks.com/cookiebar/ 6 KB
2 KB 170ms
169ms Stylesheet
text/css 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/cookiebar/cookiebar.css
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/cookiebar/cookiebar-latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1df24655e887d55074e3b6e289e842ac418155623d437261ab89c8769ff9a40e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3; __atuvc=1%7C21; __atuvs=60af5196d03a5c44000; _ga=GA1.2.2083734590.1622102423; _gid=GA1.2.1327017161.1622102423; _gat=1; _fbp=fb.1.1622102422876.1887990243; aasd=1%7C1622102422919; waldo_country=PL; waldo_continent=EU; waldo_region=78
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Aug 2015 07:09:46 GMT
Server: Apache/2.4.10 (Debian)
ETag: "1647-51c76f8984280-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1333

GET
H/1.1 200
OK en.html Show response
www.majorgeeks.com/cookiebar/lang/ 3 KB
1 KB 172ms
171ms XHR
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/cookiebar/lang/en.html
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/cookiebar/cookiebar-latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 , United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0d64a83b77d799d875548cf765e0915332c05bd0d35e16f8ac77b2f61e1942db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.majorgeeks.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Cookie: PHPSESSID=6gpbucd9acbsfmpk6dprmj4hu3; __atuvc=1%7C21; __atuvs=60af5196d03a5c44000; _ga=GA1.2.2083734590.1622102423; _gid=GA1.2.1327017161.1622102423; _gat=1; _fbp=fb.1.1622102422876.1887990243; aasd=1%7C1622102422919; waldo_country=PL; waldo_continent=EU; waldo_region=78
Connection: keep-alive
Referer: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:03:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Aug 2015 07:09:46 GMT
Server: Apache/2.4.10 (Debian)
ETag: "c71-51c76f8984280-gzip"
Vary: Accept-Encoding
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1150

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame D87E 19 KB
6 KB 288ms
288ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default

Requested by

Host: majorgeekscom.disqus.com
URL: https://majorgeekscom.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0e8c55aad29c6c5335dd33118cf6a3c50eede149dd23ebf9e319994af4ff2c1b

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.majorgeeks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.majorgeeks.com/

Response headers

Connection: keep-alive
Content-Length: 5141
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Tue, 25 May 2021 20:28:05 GMT
ETag: W/"lounge:view:984502575.383a8bdcbc001c71cc4e582875547da7.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 27 May 2021 08:00:23 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 204 d
ic.tynt.com/r/ Frame 1B50 0
0 598ms
147ms Document
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.adtelligent.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

server: nginx/1.16.1
date: Thu, 27 May 2021 08:00:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 1180
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af5c59fe941a7d8a

35 B
232 B

265ms
64ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af5c59fe941a7d8a
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af5c59fe941a7d8a
Date: Thu, 27 May 2021 08:00:23 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 1180
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=62c8db06-6297-4c51-9e73-161529447b6c

86 B
547 B

461ms
377ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=62c8db06-6297-4c51-9e73-161529447b6c
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=62c8db06-6297-4c51-9e73-161529447b6c
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: fhl8v3oea6isi5qfacldq5t0cqvbhhfo

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 1180
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=40a1feff49cf3b85ef5b5224

86 B
535 B

730ms
377ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=40a1feff49cf3b85ef5b5224
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Date: Thu, 27 May 2021 08:00:23 GMT
Server: nginx
Location: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=40a1feff49cf3b85ef5b5224
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 1180
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1183710237432283012

86 B
530 B

616ms
377ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1183710237432283012
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:00:23 GMT
X-Proxy-Origin: 37.120.211.116; 37.120.211.116; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 37666652-c874-4a21-8ccb-152832f8b727
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1183710237432283012
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
ads.us.e-planning.net/uspd/1/ Frame 1180
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

0
0

66ms
64ms

Image
text/html

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
date: Thu, 27 May 2021 08:00:23 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
content-type: text/html; charset=iso-8859-1
x-sid: AMS-604

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 1180
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c5af92a2-a133-4e27-81d7-c73fe92770af

86 B
547 B

715ms
378ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c5af92a2-a133-4e27-81d7-c73fe92770af
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c5af92a2-a133-4e27-81d7-c73fe92770af
date: Thu, 27 May 2021 08:00:23 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 1180
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D312412%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=af5c59fe941a7d8a

86 B
527 B

378ms
377ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=af5c59fe941a7d8a
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=312412&extuid=af5c59fe941a7d8a
Date: Thu, 27 May 2021 08:00:23 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 61ms
52ms Image
image/gif 104.117.198.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dewh=SSP_CLIENT_control&dgeg=0&dgw=desktop&flg=AAXUUR32B&fw=WARSAW&ff=PL&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=majorgeeks.com&vhuyqdph=ssp-serving-55c4958b59-tmbd5&vg=1&vyu=052411_244_052611_199_ssp&vf=&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001622102422918006286753288990&vvsDeExfnhw=CONTROL&qsd=0&oz=1&gdss=green&uwbsh=&oeu=0&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&jixqgo=2000&jwg=100&lqlg=&qjixqgo=1100&ugo=800&lg_ghwdlov=&deg=2&gvwduw=33&ghqg=359&sf=&uhtxuo=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&nzui=
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.198.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-198-191.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:23 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 27 May 2021 08:00:23 GMT

GET
H2 200 udm-r3_v2.6.27.js Show response
bid.underdog.media/ 476 KB
147 KB 57ms
8ms Script
application/javascript 2600:9000:21f3:400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16021;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e583af855c8e4ebd9c7218cf624d763268fa478ca34dcddf43d9de52bfb7088f

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 21:33:29 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 21:27:09 GMT
server: AmazonS3
age: 37614
etag: "2a5027dd3d1d053f9ce4a6e6e75a8e57"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 149588
x-amz-cf-id: _pzmz-5XPgNXYPVxz5apQ6W89TE_NGILeWu-TYr5XsyuOnpRPwhYCA==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 147 B
601 B 13ms
8ms Script
application/javascript 2600:9000:2182:8e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:10:34 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
age: 2990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 147
last-modified: Tue, 27 Apr 2021 19:10:31 GMT
server: AmazonS3
etag: "f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: q00bHhWnORMLeL2xfva9L7xMtNfzmGF_gvwTjuCjJ5GCrpBNe0YwzA==

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
https://udmserve.net/udm/fetch.pix?dt=1;apnid=1183710237432283012

43 B
595 B

337ms
196ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=1183710237432283012
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:00:23 GMT
X-Proxy-Origin: 37.120.211.116; 37.120.211.116; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid: fe45a49b-2dd4-47a4-84aa-41c5ca5ed319
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=1183710237432283012
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...

0
39 B

61ms
54ms

Image
text/plain

185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
content-length: 0

Redirect headers

location: /AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1
date: Thu, 27 May 2021 08:00:22 GMT
content-length: 260
content-type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ 0
297 B 550ms
136ms Image
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 910039118
access-control-allow-origin: https://www.majorgeeks.com/
access-control-allow-credentials: true

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24
https://udmserve.net/udm/fetch.pix?dt=1;admix=b464414b532b4b5ebef1228a2d1bd833

43 B
608 B

199ms
199ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;admix=b464414b532b4b5ebef1228a2d1bd833
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:23 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Thu, 27 May 2021 08:00:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://udmserve.net/udm/fetch.pix?dt=1;admix=b464414b532b4b5ebef1228a2d1bd833
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D
https://udmserve.net/udm/fetch.pix?dt=1;acu=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d

43 B
614 B

197ms
197ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;acu=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:23 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?dt=1;acu=16eb3054402a6c9b7b85cdd1276a0d0d1d867f9d
Date: Thu, 27 May 2021 08:00:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 3 B
428 B 9ms
9ms Script
application/javascript 2600:9000:2182:8e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 11:14:35 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
age: 74749
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:04:20 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: mBeCNj4DUoy4bTf3vXUsCvbvBf0tFm-WBPrNYwZ8T6NA7Gnh7tfzmQ==

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 047B 38 KB
14 KB 56ms
56ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D306114%26extuid%3D%20PM_UID

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=28745
expires: Thu, 27 May 2021 15:59:28 GMT
date: Thu, 27 May 2021 08:00:23 GMT
vary: Accept-Encoding

GET
H2 200 bcv1.js Show response
bid.underdog.media/ 9 KB
4 KB 10ms
9ms Script
application/x-javascript 2600:9000:21f3:400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bcv1.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7af09cddf0ae0df8047cd6d1cbc80efac70e4cd10a08b1a095d29d52f107b1f2

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:40:55 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:30:04 GMT
server: AmazonS3
age: 1169
etag: "069c43bdddd884bf925e46b3d48a0fe0"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3680
x-amz-cf-id: GAtlcBKtMl27aBGXtUZGYk9KdXXxZLV5GPI7Ks7cbryAPZwu_fJusA==

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 32 KB
14 KB 8ms
8ms Script
application/x-javascript 2600:9000:21f3:400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30f96a295330e8d25e3b30194d77969ba5c9eb30d1e4ed432a25e3361a916824

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:12:54 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:00:05 GMT
server: AmazonS3
age: 2849
etag: "3589a81beda23ebe1afe2774e7ae082e"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 14068
x-amz-cf-id: blzKERhok3MQRj3MIm5YtSJY7UCTjgmAsKfovZDbHv9TRXDLvPgJhA==

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 33ms
16ms Ping
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary6v0dHEuyi3FtKqb5

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 27 May 2021 08:00:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 143.3d8bb49f121080f7c65c.js Show response
s7.addthis.com/static/ 625 B
644 B 57ms
56ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-271"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 27 May 2021 08:00:23 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 404

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ 2 KB
1010 B 59ms
53ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-688"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 27 May 2021 08:00:23 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 047B 6 KB
6 KB 170ms
55ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35232921&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 615f43935725f4d8fc5723208a5cb7bfc84ae65364f11fdef39d6259b2b3b7fa

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 lounge.load.88af8d9914348537252d7500932cb936.js Show response
c.disquscdn.com/next/embed/ Frame D87E 1 KB
1 KB 33ms
10ms Script
application/javascript 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.88af8d9914348537252d7500932cb936.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a0dcf32e5450287bf01d6ebd7e1f9416d155b736b7bbe764c08724b6c43e03fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211091
x-cache: Hit from cloudfront
content-length: 531
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-213"
content-type: application/javascript; charset=utf-8
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: ZmGU-WandyMDDlYHorwwf1BzRCv0QPPoEXARnO_pZvBph1D4mB7pmA==
x-cache-hits: 0

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js Show response
c.disquscdn.com/next/embed/ Frame D87E 282 KB
93 KB 9ms
9ms Script
application/javascript 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.88af8d9914348537252d7500932cb936.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 10:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1976630
x-cache: Hit from cloudfront
content-length: 94786
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-17242"
content-type: application/javascript; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Wed, 04 May 2022 10:56:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: VhppUd_9iQmcKUlS6T7OZVmVD7bIzFKFKc6VfPbWLMe2Bu_L57wKaQ==
x-cache-hits: 0

GET
H2 200 lounge.66d90a567df61ef2f1d6862d5e000e49.css
c.disquscdn.com/next/embed/styles/ Frame D87E 153 KB
25 KB 25ms
15ms Stylesheet
text/css 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eb0cada7c2499556527a397894c7c149df7cde682d44f227e700095c5cc9d049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211092
x-cache: Hit from cloudfront
content-length: 25305
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-62d9"
content-type: text/css; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:11 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: febPpF1_0aZqf0x7TZbPC68cPgXuHkqGSZbS63nrEAGfBOFDPf5UuA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js Show response
c.disquscdn.com/next/embed/ Frame D87E 465 KB
118 KB 16ms
15ms Script
application/javascript 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

75de4c6311cf9e546ed737c1569c82f9dd9984f0b7126f79efce1059b71a8b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211092
x-cache: Hit from cloudfront
content-length: 119834
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-1d41a"
content-type: application/javascript; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:11 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: lnBCrEMHSFRIZX8I4Vr8t_5i_BFhCUrXncndLfkffGr1P3ybyJn25w==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame D87E 12 KB
12 KB 56ms
55ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3996bbffc767d98d55b0c72079ac2aec9b17e1d89bc063712ef2c2b908794c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:23 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 49
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11848
X-XSS-Protection: 1; mode=block

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 0A98
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A

35 B
467 B

65ms
64ms

Document
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 27 May 2021 08:00:24 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=1759557766015304122; expires=Mon, 26 Jul 2021 08:00:24 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 27 May 2021 08:00:24 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sun, 27 Jun 2021 08:00:24 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 9825 35 B
134 B 186ms
59ms Document
image/gif 213.155.156.168
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.168 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 9CF8 43 B
304 B 197ms
63ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Thu, 27 May 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1132
date: Thu, 27 May 2021 08:00:23 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5203
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6966876861845207180

42 B
383 B

394ms
51ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6966876861845207180
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6966876861845207180
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=F9F4E904-E4F1-44F9-AA1D-30223AB6486A; chkChromeAb67Sec=1; DPSync3=1623283200%3A219_201_197%7C1622160000%3A174; SyncRTB3=1623283200%3A204_231_161_3_56_165_99_220_71_8_13_234_81_55_88_230_189_21_22_166_176_7_54%7C1622937600%3A63%7C1622678400%3A223_15_67_2%7C1624665600%3A203%7C1623369600%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 27 May 2021 08:00:23 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6966876861845207180; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 26-Jun-2021 08:00:23 GMT; path=/ PugT=1622102423; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 26-Jun-2021 08:00:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 25-Aug-2021 08:00:23 GMT; path=/
x-lat: amspug007:0:418
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 27 May 2021 08:00:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6966876861845207180; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6966876861845207180

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame B27D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZWswN0JYcU1BQUM3elFCVjhTUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

82ms
82ms

Document
image/gif

52.209.246.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AABek07BXqMAAC7zQBV8SQ; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 27 May 2021 08:00:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 27 May 2021 08:00:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BF17
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
243 B

411ms
51ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=F9F4E904-E4F1-44F9-AA1D-30223AB6486A; chkChromeAb67Sec=1; DPSync3=1623283200%3A219_201_197%7C1622160000%3A174; SyncRTB3=1623283200%3A204_231_161_3_56_165_99_220_71_8_13_234_81_55_88_230_189_21_22_166_176_7_54%7C1622937600%3A63%7C1622678400%3A223_15_67_2%7C1624665600%3A203%7C1623369600%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 27 May 2021 08:00:23 GMT
content-type: text/html; charset=utf-8
x-lat: amspug014:2:254
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=f8fe93bb-e7eb-4001-9340-7f1d96b6d67e; path=/; domain=csync.loopme.me; Expires=Sun, 27-Jun-2021 08:00:24 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Thu, 27 May 2021 08:00:24 GMT
server: _

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame D5AC 43 B
408 B 214ms
65ms Document
image/gif 72.251.241.206
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-4
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

RX-732e3368-1005-49db-b366-934083672026-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame D338
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2788398634
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2788398634
https://sync.1rx.io/usersync/tradedesk/0e489508-520c-4f74-bf91-9963e870dcfe
https://sync.1rx.io/usersync/tradedesk/0e489508-520c-4f74-bf91-9963e870dcfe?zcc=1&dspret=0&cb=1622102425488
https://sync.targeting.unrulymedia.com/csync/RX-732e3368-1005-49db-b366-934083672026-003

43 B
395 B

164ms
52ms

Document
image/gif

213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-732e3368-1005-49db-b366-934083672026-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-732e3368-1005-49db-b366-934083672026-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: Tengine
date: Thu, 27 May 2021 08:00:25 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-732e3368-1005-49db-b366-934083672026-003%22%7D; path=/; expires=Fri, 27 May 2022 08:00:25 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 27 May 2021 08:00:25 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-732e3368-1005-49db-b366-934083672026-003

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ojDT4HRbvBYmtlEbanIhW4Bg

42 B
295 B

559ms
72ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ojDT4HRbvBYmtlEbanIhW4Bg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ojDT4HRbvBYmtlEbanIhW4Bg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=F9F4E904-E4F1-44F9-AA1D-30223AB6486A; chkChromeAb67Sec=1; DPSync3=1623283200%3A219_201_197%7C1622160000%3A174; SyncRTB3=1623283200%3A204_231_161_3_56_165_99_220_71_8_13_234_81_55_88_230_189_21_22_166_176_7_54%7C1622937600%3A63%7C1622678400%3A223_15_67_2%7C1624665600%3A203%7C1623369600%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 27 May 2021 08:00:24 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-ojDT4HRbvBYmtlEbanIhW4Bg; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 26-Jun-2021 08:00:24 GMT; path=/ PugT=1622102424; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 26-Jun-2021 08:00:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 25-Aug-2021 08:00:24 GMT; path=/
x-lat: lhrpug002:0:525
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 27 May 2021 08:00:24 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=ojDT4HRbvBYmtlEbanIhW4Bg; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ojDT4HRbvBYmtlEbanIhW4Bg
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 83D3 42 B
992 B 50ms
22ms Document
image/gif 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a4e6fd1db00004e5c48253000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 655db5962bf74e5c-FRA

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0BC3
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5h9jhCiJthZi&pid=557219

1 B
68 B

153ms
52ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5h9jhCiJthZi&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5h9jhCiJthZi&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=F9F4E904-E4F1-44F9-AA1D-30223AB6486A; chkChromeAb67Sec=1; DPSync3=1623283200%3A219_201_197%7C1622160000%3A174; SyncRTB3=1623283200%3A204_231_161_3_56_165_99_220_71_8_13_234_81_55_88_230_189_21_22_166_176_7_54%7C1622937600%3A63%7C1622678400%3A223_15_67_2%7C1624665600%3A203%7C1623369600%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 27 May 2021 08:00:23 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 25-Aug-2021 08:00:23 GMT; path=/
x-lat: amspug013:0:396
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-555c8fd69d-wzxdd
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5h9jhCiJthZi&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=f32f97a62c125449; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 5E11
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
447 B

185ms
175ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=a2noeUP3rTmCiAyVsESZcCDRcvZc4VT1Ws0WKF2xeg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aDnseFrwZayaQXwrSQEbU5ZdjrfhZc5xpQcRHuWFIX7y721J9V58YXbXAO0IFhDZdLGNfpTnFiXYdcYrBYZcZcQJDp; path=/; domain=.tribalfusion.com; expires=Wed, 25-Aug-2021 08:00:24 GMT; SameSite=None; Secure; ANON_ID_old=aDnseFrwZayaQXwrSQEbU5ZdjrfhZc5xpQcRHuWFIX7y721J9V58YXbXAO0IFhDZdLGNfpTnFiXYdcYrBYZcZcQJDp; path=/; domain=.tribalfusion.com; expires=Wed, 25-Aug-2021 08:00:24 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0a4e6fd28b00002b7d1226b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 655db597499a2b7d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 27 May 2021 08:00:24 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 4145
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=a2noeUP3rTmCiAyVsESZcCDRcvZc4VT1Ws0WKF2xeg; path=/; domain=.tribalfusion.com; expires=Wed, 25-Aug-2021 08:00:24 GMT; SameSite=None; Secure; ANON_ID_old=a2noeUP3rTmCiAyVsESZcCDRcvZc4VT1Ws0WKF2xeg; path=/; domain=.tribalfusion.com; expires=Wed, 25-Aug-2021 08:00:24 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0a4e6fd1d900002b7d040ee000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 655db5962f1f2b7d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame D998 0
44 B 425ms
135ms Document
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 27 May 2021 08:00:24 GMT
server: a

GET
H/1.1 200
OK Cookie set csync Show response
sync.adtelligent.com/ Frame 7BF3 86 B
554 B 441ms
382ms Document
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=306114&extuid=%20PM_UIDF9F4E904-E4F1-44F9-AA1D-30223AB6486A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: vmuid=af5c59fe941a7d8a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: VertaMedia 1.0
Date: Thu, 27 May 2021 08:00:24 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=af5c59fe941a7d8a; expires=Wed, 28 Jul 2021 08:00:24 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a306114= PM_UIDF9F4E904-E4F1-44F9-AA1D-30223AB6486A; expires=Wed, 28 Jul 2021 08:00:24 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 047B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-fTpBOTxRPmqHTAiOrZIag%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-fTpBOTxRPmqHTAiOrZIag%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

103ms
102ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 18:57:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-1f78-5b232eb4914bb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=156135
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2654
expires: Sat, 29 May 2021 03:22:39 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=178260af-5197-4300-8981-91d7bd587eee

0
259 B

173ms
59ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=178260af-5197-4300-8981-91d7bd587eee
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 27 May 2021 08:00:24 GMT
Server: MT3 3736 915c305 master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=178260af-5197-4300-8981-91d7bd587eee
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 May 2021 08:00:23 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 047B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=F9F4E904-E4F1-44F9-AA1D-30223AB6486A
https://spl.zeotap.com/?zdid=1332&zcluid=dad4e1cadc2704f6
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ae1cb6-fd97-4dd8-68eb-99ef63b60ab8&reqId=de630d39-55f1-430e-7158-996f03264448&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESECA_gQ8kZ-WuoawRYMSBA2I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ae1cb6-fd97-4dd8-68eb-99ef63b60ab8&reqId=de630d39-55f1-430e-7158-996...

95 B
189 B

35ms
32ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESECA_gQ8kZ-WuoawRYMSBA2I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ae1cb6-fd97-4dd8-68eb-99ef63b60ab8&reqId=de630d39-55f1-430e-7158-996f03264448&zcluid=dad4e1cadc2704f6&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 655db59b6ec44e37-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a4e6fd52100004e37ce075000000001

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESECA_gQ8kZ-WuoawRYMSBA2I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ae1cb6-fd97-4dd8-68eb-99ef63b60ab8&reqId=de630d39-55f1-430e-7158-996f03264448&zcluid=dad4e1cadc2704f6&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjlGNEU5MDQtRTRGMS00NEY5LUFBMUQtMzAyMjNBQjY0ODZB&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjlGNEU5MDQtRTRGMS00NEY5LUFBMUQtMzAyMjNBQjY0ODZB&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
341 B

213ms
71ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:376
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFF4N3A042JP-aJrfUMj-0&google_cver=1

42 B
281 B

215ms
73ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFF4N3A042JP-aJrfUMj-0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:479
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFF4N3A042JP-aJrfUMj-0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 047B 43 B
609 B 3897ms
80ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 26 May 2021 08:00:27 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=285739401681074399

42 B
232 B

52ms
52ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=285739401681074399
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:378
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=285739401681074399
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b95c60af-5197-4700-adb0-ed800bdb1d46&gdpr=0&gdpr_consent=

42 B
340 B

52ms
51ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b95c60af-5197-4700-adb0-ed800bdb1d46&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:385
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 27 May 2021 08:00:24 GMT
Server: MT3 3736 915c305 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b95c60af-5197-4700-adb0-ed800bdb1d46&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 May 2021 08:00:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e489508-520c-4f74-bf91-9963e870dcfe

42 B
293 B

56ms
55ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e489508-520c-4f74-bf91-9963e870dcfe
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:401
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0e489508-520c-4f74-bf91-9963e870dcfe
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1183710237432283012&gdpr=0&gdpr_consent=

42 B
209 B

560ms
72ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1183710237432283012&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:792
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:00:24 GMT
X-Proxy-Origin: 37.120.211.116; 37.120.211.116; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid: 03a8520a-1ce5-4b81-a666-4eb5fcc84fb9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1183710237432283012&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 F9F4E904-E4F1-44F9-AA1D-30223AB6486A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 047B 43 B
839 B 102ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F9F4E904-E4F1-44F9-AA1D-30223AB6486A?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RZJmfAlE2uX1zSrAfm8.onLXi7FS_3Q-~A&gdpr=0&gdpr_consent=

0
127 B

61ms
60ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RZJmfAlE2uX1zSrAfm8.onLXi7FS_3Q-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 27 May 2021 08:00:24 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RZJmfAlE2uX1zSrAfm8.onLXi7FS_3Q-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n2QeU5xlRg2ENUoAkGZSAchsTAOEbUsEnGZkjGTk

42 B
272 B

74ms
72ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n2QeU5xlRg2ENUoAkGZSAchsTAOEbUsEnGZkjGTk
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:381
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n2QeU5xlRg2ENUoAkGZSAchsTAOEbUsEnGZkjGTk
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=61734f35-9f7b-4269-99ea-2c21e564e843&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b569b3-645b-4807-a9a7-978dcda26ad1&gdpr=&gdpr_consent=&gdpr_pd=

1 B
336 B

53ms
52ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b569b3-645b-4807-a9a7-978dcda26ad1&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:399
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b569b3-645b-4807-a9a7-978dcda26ad1&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 27 May 2021 08:00:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YK9RmAABS9ME2AAC&gdpr=0&gdpr_consent=&_test=YK9RmAABS9ME2AAC

1 B
390 B

54ms
53ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YK9RmAABS9ME2AAC&gdpr=0&gdpr_consent=&_test=YK9RmAABS9ME2AAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:22 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:572
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622102425.032424,VS0,VE0
x-served-by: cache-hhn4054-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YK9RmAABS9ME2AAC&gdpr=0&gdpr_consent=&_test=YK9RmAABS9ME2AAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a033bb95-9297-4e61-ae54-0cc9bb21d54e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

52ms
52ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a033bb95-9297-4e61-ae54-0cc9bb21d54e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:378
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a033bb95-9297-4e61-ae54-0cc9bb21d54e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 27 May 2021 08:00:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 047B 0
104 B 114ms
65ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F9F4E904-E4F1-44F9-AA1D-30223AB6486A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4341733223626699622&gdpr=0&gdpr_consent=&us_privacy=

1 B
167 B

62ms
60ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4341733223626699622&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:280
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4341733223626699622&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
359 B

72ms
71ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:25 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:378
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:24 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1183710237432283012

42 B
110 B

55ms
51ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1183710237432283012
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:318
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 27 May 2021 08:00:25 GMT
X-Proxy-Origin: 37.120.211.116; 37.120.211.116; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.187:80
AN-X-Request-Uuid: d5deb012-1d93-48c9-bfc9-fd7e4c75a281
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1183710237432283012
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_225bd63f-8b95-436e-addc-9a03baf75711

42 B
224 B

56ms
55ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_225bd63f-8b95-436e-addc-9a03baf75711
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:426
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_225bd63f-8b95-436e-addc-9a03baf75711
date: Thu, 27 May 2021 08:00:25 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame D87E 3 KB
4 KB 53ms
53ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=majorgeekscom&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7ec1eb321020199cbe8c9dd9245d3763df708279c96fb72621c3489b772f136d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 67
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3226
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loadReactions Show response
disqus.com/api/3.0/threadReactions/ Frame D87E 85 B
530 B 155ms
154ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/threadReactions/loadReactions?thread=984502575&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

867bde5f1930963a16e7dac4c891142edaa529a4428bb3486165757b7c8ead08

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=30, max-age=60
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 85
X-XSS-Protection: 1; mode=block

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/206/8243/ Frame D87E 3 KB
4 KB 12ms
12ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/206/8243/avatar92.jpg?1486983994

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

57aa9b6d3288c983ba267ee97f1dc4b4e24e7c671f8e0ecbda929a1b473ef598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1687468
x-cache: Hit from cloudfront
content-length: 3574
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 13 Feb 2017 11:06:34 GMT
server: nginx
etag: "bcf2ddd1cc4f7d63bcc32d343776fb3f"
content-type: image/jpeg
expires: Sat, 07 May 2022 19:15:56 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 9RQrXIrt_CT9PsKdN-ZUNwTaQlM9O2ooKVr3pgouw1gxaWPaZ1Anaw==
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame D87E 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame D87E 13 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2481763
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: f9pJqyc-zeHIulD7tCVaP-wuWhBhxZ-DRf9QYgrueiMqSYjLQQ-6fA==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame D87E 3 KB
3 KB 12ms
11ms Image
image/gif 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 9774137
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Rg9bLKfLh40r45OzRLD0fSbgvJREDurdHABuhHLgDF89joBBqggKEA==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame D87E 2 KB
2 KB 12ms
11ms Image
image/png 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 06:58:50 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2682094
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 22 Apr 2021 19:20:03 GMT
server: nginx
etag: "6081cc63-746"
content-type: image/png
access-control-allow-origin: *
expires: Tue, 26 Apr 2022 06:58:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ukKYBd1eOGqfmbIJF-agMZtEBLZcCWnwD0GtszHlsADncaVAauEjMA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame D87E 8 KB
8 KB 10ms
10ms Font
application/octet-stream 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1983530
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: tOml3OCEtt7V8LKbPvx3HIkOuAGWpOr7Lhz3Q9RtfpvxDsX0OTwqXA==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/206/8243/ Frame D87E 3 KB
4 KB 14ms
13ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/206/8243/avatar92.jpg?1486983994

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

57aa9b6d3288c983ba267ee97f1dc4b4e24e7c671f8e0ecbda929a1b473ef598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1687468
x-cache: Hit from cloudfront
content-length: 3574
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 13 Feb 2017 11:06:34 GMT
server: nginx
etag: "bcf2ddd1cc4f7d63bcc32d343776fb3f"
content-type: image/jpeg
expires: Sat, 07 May 2022 19:15:56 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: bdfJV6uSuKZXYWYRIjhPYlklZiu1pol_-rQK9B6yYgmKAjoC66oMYQ==
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame D87E 3 KB
2 KB 16ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7167af91b1403339ebd72fed59fb0b76df8c6d749b1fbac79b3770760411c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Zjvfyy3FNo4FCLbGNPR82A==
cross-origin-resource-policy: cross-origin
expires: Thu, 27 May 2021 08:09:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: q8+4kyNpbBd/YW80Bo6GBxAmySkbbDDNBALk/XMuN0MMTrza9jxNG++LbNj+jrOvEx/UvIwQwoCbVf0DUykoSw==
x-fb-trip-id: 686109401
x-fb-content-md5: 5f61623dbe1ecd540af4859d2093b335
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 May 2021 08:00:24 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c53ce0058348a27e6d4a219e44079887"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 api.js Show response
apis.google.com/js/ Frame D87E 12 KB
5 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aUpueu3IEps1w+3diQ3K1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "79224003c2b5597899d15c3a85e46734"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-aUpueu3IEps1w+3diQ3K1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 27 May 2021 08:00:24 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/206/8243/ Frame D87E 3 KB
4 KB 9ms
8ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/206/8243/avatar92.jpg?1486983994

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

57aa9b6d3288c983ba267ee97f1dc4b4e24e7c671f8e0ecbda929a1b473ef598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1687468
x-cache: Hit from cloudfront
content-length: 3574
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 13 Feb 2017 11:06:34 GMT
server: nginx
etag: "bcf2ddd1cc4f7d63bcc32d343776fb3f"
content-type: image/jpeg
expires: Sat, 07 May 2022 19:15:56 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: WnLA2GKgSHocboSzTacd8qKId45ux84UMHm-TBuMe5vzeKMKh5GTLA==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/206/8243/ Frame D87E 3 KB
4 KB 9ms
9ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/206/8243/avatar92.jpg?1486983994

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

57aa9b6d3288c983ba267ee97f1dc4b4e24e7c671f8e0ecbda929a1b473ef598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1687468
x-cache: Hit from cloudfront
content-length: 3574
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 13 Feb 2017 11:06:34 GMT
server: nginx
etag: "bcf2ddd1cc4f7d63bcc32d343776fb3f"
content-type: image/jpeg
expires: Sat, 07 May 2022 19:15:56 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Mgkm18dVZXT0lB0HkdPdPkr2gW9lcsGYRfznn6irF8t7pOtLruy5NA==
x-cache-hits: 0

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame D87E 218 KB
64 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8ae5b14cfe6266cf7f20e0dee01d2539&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f775700ca680cecc4ff2df40ebaa47a607e4f770c76a1b4342b7b15497545daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6FdGF9qOZCbXTtYGrbDv4A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65612
x-fb-rlafr: 0
x-fb-debug: A9cpJe+Orz7WiRdNOm10AmI/qFndmWIjnn3BRQ7IPWmYuiXAoxCPfC9nR4IXVlardFKr+7z40GGNUW+6I/Qa5A==
x-fb-content-md5: cc3431c1941bfe1b029f990a206cb1c2
x-frame-options: DENY
date: Thu, 27 May 2021 08:00:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "379a67e3528f12eab89c9a37894f7572"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 06:08:19 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame D87E 103 KB
34 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 19:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
age: 565194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35022
x-xss-protection: 0
expires: Fri, 20 May 2022 19:00:30 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/206/8243/ Frame D87E 3 KB
4 KB 16ms
9ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/206/8243/avatar92.jpg?1486983994

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

57aa9b6d3288c983ba267ee97f1dc4b4e24e7c671f8e0ecbda929a1b473ef598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1687468
x-cache: Hit from cloudfront
content-length: 3574
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 13 Feb 2017 11:06:34 GMT
server: nginx
etag: "bcf2ddd1cc4f7d63bcc32d343776fb3f"
content-type: image/jpeg
expires: Sat, 07 May 2022 19:15:56 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: xPomfKllKt_5JWnTqqiTQn3Pp2laTEdFYA03flSoBIj2WDq1Or5XzQ==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 7451 337 B
808 B 13ms
9ms Stylesheet
text/css 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: majorgeekscom.disqus.com
URL: https://majorgeekscom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1918010
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: H9X4p5M0IO5sDGJLYXsGZz6K2mBEvYTz94c2D1mYqvbwj4bSQOxokw==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 2C53 337 B
807 B 9ms
9ms Stylesheet
text/css 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: majorgeekscom.disqus.com
URL: https://majorgeekscom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1918010
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: xelJ6TVdRxpeN-FG5QQfnNlRqilgwweUVBbOSFLXS71ABGMbAakgeQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/2622/1502/ Frame D87E 2 KB
2 KB 21ms
18ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/2622/1502/avatar92.jpg?1621957791

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2eff02bfde136039cb0b3616762a892e90b194beace6bee5b16df31ea116c003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 15:51:23 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 144541
x-cache: Hit from cloudfront
content-length: 2022
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 25 May 2021 15:49:52 GMT
server: nginx
etag: "1889d8fb9580a014a97182bb4679df3d"
content-type: image/jpeg
expires: Wed, 25 May 2022 15:51:23 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: OxGo33-vu_xw3KbACRRlz1jyv-nIQ86nNnY0sR4qoDLuzA5P8k1-1A==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/25494/6292/ Frame D87E 3 KB
3 KB 25ms
20ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/25494/6292/avatar92.jpg?1497344777

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7d39324eb084938b8ddd7606c2f0e73d99543faed1e54fa96684563eb5a9badc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 01:20:54 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 110370
x-cache: Hit from cloudfront
content-length: 2796
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 13 Jun 2017 09:06:18 GMT
server: nginx
etag: "b8e8a1e3dc8f945137eef2ce23dbe905"
content-type: image/jpeg
expires: Thu, 26 May 2022 01:20:54 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: EDiKqgUuprvWCONbbGA_IWo_Cu9LT8F5W1JRVaVhIGpozfwWvDIb3Q==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/10704/4700/ Frame D87E 3 KB
4 KB 28ms
23ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/10704/4700/avatar92.jpg?1400125140

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f088f31199206ae1c853bfa69d6f238323f11080ab93715f6afb35566d5b1ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 12:39:14 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 156070
x-cache: Hit from cloudfront
content-length: 3201
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Thu, 15 May 2014 03:39:01 GMT
server: nginx
etag: "47dd116283213d44f7c8aa90e75f915b"
content-type: image/jpeg
expires: Wed, 25 May 2022 12:39:14 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: NuaSkWUxQjBC4u9u_WTURaki16jttch-ZwwIsrkLG_UjAvEoCTcuKg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/3833/2519/ Frame D87E 2 KB
3 KB 18ms
13ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/3833/2519/avatar92.jpg?1593730982

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8827be58015acc0964812101fa9beefe28878fc271167b849184338a24ba8c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:33:48 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1445196
x-cache: Hit from cloudfront
content-length: 2363
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Thu, 02 Jul 2020 23:03:02 GMT
server: nginx
etag: "35874b7d7bd812fd240d6ffcab8da6b4"
content-type: image/jpeg
expires: Tue, 10 May 2022 14:33:48 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 0L5ZoodDkNkHC30zwAOUNwtL890NBQCSHgJ1qqAeaH7PQGPbPNaxSg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/28167/6748/ Frame D87E 4 KB
4 KB 23ms
18ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/28167/6748/avatar92.jpg?1520381652

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c5bfd77ac8f9e75d95a6bced01749a3d3a9592bc2fd40cc76018cabb83a8398f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:05:23 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1817701
x-cache: Hit from cloudfront
content-length: 3935
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Wed, 07 Mar 2018 00:14:12 GMT
server: nginx
etag: "234acede29ef21988cdbb606750a5b3f"
content-type: image/jpeg
expires: Fri, 06 May 2022 07:05:23 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: pY9IWv7PwBMMWgJ1XQu6u5OtwR34-6MTs1f_-af3vCOYlbsyjlBtxg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/24505/7711/ Frame D87E 3 KB
4 KB 37ms
32ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/24505/7711/avatar92.jpg?1507473170

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e6ccef193e037e86370ce6e1d310524d4e3371d6515c7e7e0616051cf8475f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 11:15:19 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1197905
x-cache: Hit from cloudfront
content-length: 3181
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Sun, 08 Oct 2017 14:32:51 GMT
server: nginx
etag: "93942c158c2337689797dae0eac81b16"
content-type: image/jpeg
expires: Fri, 13 May 2022 11:15:19 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: tuv49fBOteic-pvU0-vLED7DRyK_fX-CcdFjVBrV1aDtki9uzMdhlw==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/14256/9984/ Frame D87E 4 KB
4 KB 37ms
33ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/14256/9984/avatar92.jpg?1422906081

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6868b7863523b4d462af7ebcb7bce9f9b449dcc62f1be2a23951308647e59822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:44:08 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1836976
x-cache: Hit from cloudfront
content-length: 4085
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 02 Feb 2015 19:41:22 GMT
server: nginx
etag: "c98c83a0254e3c680f3364a77664c2f9"
content-type: image/jpeg
expires: Fri, 06 May 2022 01:44:08 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Foa_k98beG3cffiSgWLtLSEya1joy66E8VzuDD1LtCt4AB8lPAUTAQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/491/3152/ Frame D87E 2 KB
3 KB 20ms
15ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/491/3152/avatar92.jpg?1621759833

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

215d7007608c04cbc18995aa5642f39f881bb84d4a8296c30902f5a3cf3075c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:54:57 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 342327
x-cache: Hit from cloudfront
content-length: 2466
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Sun, 23 May 2021 08:50:34 GMT
server: nginx
etag: "1177cbec53976d44b18ba349083473fb"
content-type: image/jpeg
expires: Mon, 23 May 2022 08:54:57 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: RYxkjINFdV4nfULVzS9grTnCSIBd-lHMmzRAlYVEyCt3nvkbXx-Q9w==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame D87E 13 KB
13 KB 17ms
14ms Image
image/svg+xml 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.66d90a567df61ef2f1d6862d5e000e49.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2481763
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: K0uXKG64YUGnL0406pcW6zZ9MajxAXxMYB33_ng_fM3C_zFKht3d8w==
x-cache-hits: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame B6E8 513 B
544 B 50ms
46ms Document
text/html 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f34a4609bbe3daae1e5dd0aee7f32e91830a2ec7660b9c720aca01612100e166

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qXoT6Wbp4ltQKhIbiTcAOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=eG1d7Y5V7XI13jByIuI6_sW3NqgfSL8VjaXdOx_PqG8Tv2q6dSfmnhrstH-cm5Y_N8xkqgblrP6uK8GSBUHKQHZaZWrdE3y9YTYc00zlkUKsYtcgRuJ449LIpegULFvRXMVvqgaTRHI_amrDnUjbPIGxQRxauyJmDvuSgXuBpEk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 May 2021 08:00:24 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-qXoT6Wbp4ltQKhIbiTcAOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 63ms
55ms Image
image/gif 104.117.198.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=25bccp7ihn5fs6949k6cjst5iltv5zda4r85fx7&lwbsh=AAX&dewh=SSP_CLIENT_control&dgeg=0&dgw=desktop&flg=AAXUUR32B&fw=WARSAW&ff=PL&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=majorgeeks.com&vhuyqdph=ssp-serving-55c4958b59-tmbd5&vg=-1&vyu=052411_244_052611_199_ssp&vf=&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001622102422918006286753288990&vvsDeExfnhw=CONTROL&qsd=0&oz=1&gdss=green&uwbsh=&oeu=0&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&jixqgo=2000&jwg=100&lqlg=&qjixqgo=1100&ugo=800&lg_ghwdlov=&vlg=div-gpt-ad-1613599723533-0&gvlg=%2F1011701%2FMG728_ATF_0&vcv=728x90&ws=&odwh=0&vuw=-1&oco=1&wrs=&ewp=&oiw=&ujkw=&oshu=1&vlg=waldo-tag-4129&gvlg=%2F124067137%2Fmajorgeeks160x600FX_1_0&vcv=160x600&ws=amznbid%3D2%7Camznp%3D2&odwh=0&vuw=-1&oco=1&wrs=543.65625&ewp=1143.65625&oiw=1315&ujkw=1475&oshu=1&sf=&uhtxuo=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&nzui=
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.198.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-198-191.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 08:00:25 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 27 May 2021 08:00:25 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame D87E 0
0 42ms
41ms Fetch
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.majorgeeks.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dmajorgeekscom%26t_u%3Dhttps%253A%252F%252Fwww.majorgeeks.com%252Ffiles%252Fdetails%252Fiobit_malware_fighter.html%26t_d%3DDownload%2520IObit%2520Malware%2520Fighter%2520-%2520MajorGeeks%26t_t%3DDownload%2520IObit%2520Malware%2520Fighter%2520-%2520MajorGeeks%26s_o%3Ddefault%23version%3D88af8d9914348537252d7500932cb936&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Swn+60Ok9cAgAHNfn2f1Z8+tKfpsDLhEf9m/YsdaC5SQf2QafyeITT/UC7p6/LOPbwuNM7m5c9sNQKF9hUtB3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 May 2021 08:00:25 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3415758833-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame B6E8 114 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3415758833-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbd0e12b1246f6280d9cd402284261eb3e81a9b5c6e179ae5d1a20b7731a4fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 09:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 May 2021 04:38:18 GMT
server: sffe
age: 168295
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39736
x-xss-protection: 0
expires: Wed, 25 May 2022 09:15:30 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame B6E8 14 B
58 B 47ms
45ms XHR
application/json 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/3415758833-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Thu, 27 May 2021 08:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 27 May 2021 09:00:25 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/206/8243/ Frame D87E 3 KB
4 KB 15ms
15ms Image
image/jpeg 2600:9000:2182:7e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/206/8243/avatar92.jpg?1486983994

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.9523cac7cfc0d3ecf8de05afe92be4a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

57aa9b6d3288c983ba267ee97f1dc4b4e24e7c671f8e0ecbda929a1b473ef598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1687469
x-cache: Hit from cloudfront
content-length: 3574
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 13 Feb 2017 11:06:34 GMT
server: nginx
etag: "bcf2ddd1cc4f7d63bcc32d343776fb3f"
content-type: image/jpeg
expires: Sat, 07 May 2022 19:15:56 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: gT87QCgqPWvhatYh3JQzJ1UZKJCWxVNTGilgx_lGs82SUMevxU8mog==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame D87E 43 B
295 B 238ms
139ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=1050&event=init_embed&thread=984502575&forum=majorgeekscom&forum_id=2068243&imp=1t789ga2n85dr4&prev_imp&thread_slug=anti_spyware_iobit_malware_fighter_1608_1106_comments_11&user_type=anon&referrer=https%3A%2F%2Fwww.majorgeeks.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/files/details/iobit_malware_fighter.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=majorgeekscom&t_u=https%3A%2F%2Fwww.majorgeeks.com%2Ffiles%2Fdetails%2Fiobit_malware_fighter.html&t_d=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&t_t=Download%20IObit%20Malware%20Fighter%20-%20MajorGeeks&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:00:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 19:18:14	Name: PugT Value: 1622102423
.targeting.unrulymedia.com/	1970-01-20 03:20:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-732e3368-1005-49db-b366-934083672026-003%22%7D
.pubmatic.com/	1970-01-19 19:18:14	Name: KRTBCOOKIE_466 Value: 16530-d0b569b3-645b-4807-a9a7-978dcda26ad1
.pubmatic.com/	1970-01-19 19:18:14	Name: KRTBCOOKIE_377 Value: 6810-0e489508-520c-4f74-bf91-9963e870dcfe&KRTB&22918-0e489508-520c-4f74-bf91-9963e870dcfe&KRTB&23031-0e489508-520c-4f74-bf91-9963e870dcfe
.pubmatic.com/	1970-01-19 19:18:14	Name: KRTBCOOKIE_1074 Value: 22956-e_225bd63f-8b95-436e-addc-9a03baf75711
.pubmatic.com/	1970-01-19 20:44:38	Name: PUBMDCID Value: 3

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 29) Message: triggered on event listener
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.majorgeeks.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 28) Message: sending ad server request

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a.volvelle.tech
accounts.google.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
apis.google.com
bh.contextweb.com
bid.underdog.media
c.aaxads.com
c.amazon-adsystem.com
c.disquscdn.com
c1.adform.net
cdn-images.mailchimp.com
cdn.thisiswaldo.com
clients1.google.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
cookie-cdn.cookiepro.com
cs.admanmedia.com
cse.google.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
disqus.com
dsp.adfarm1.adition.com
googleads.g.doubleclick.net
green.erne.co
ib.adnxs.com
ic.tynt.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipfind.co
l3.aaxads.com
majorgeeks.com
majorgeekscom.disqus.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
quantcast.mgr.consensu.org
ra.majorgeeks.com
referrer.disqus.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.adtelligent.com
s.tribalfusion.com
s7.addthis.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssl.gstatic.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.trafmag.com
thisiswaldo.com
track.flexlinkspro.com
udmserve.net
um.simpli.fi
ups.analytics.yahoo.com
v1.addthisedge.com
www.aaxdetect.com
www.cleverbridge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.majorgeeks.com
x.bidswitch.net
z.moatads.com
104.117.198.191
104.17.3.11
104.75.88.126
13.226.152.108
13.226.158.204
13.248.242.197
142.250.181.226
142.250.185.130
146.0.227.107
151.101.0.134
151.101.112.134
151.101.114.49
151.101.12.134
159.253.128.183
159.65.196.12
162.55.6.213
169.197.150.8
178.250.0.163
185.29.132.144
185.33.221.89
185.33.221.90
185.64.189.110
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.80
193.122.174.27
193.200.65.5
198.148.27.140
2.18.233.180
2.18.235.40
2001:678:cb4:bbbb::11
208.100.17.182
213.155.156.168
213.19.147.44
23.111.189.3
23.111.189.6
2600:9000:2182:7e00:6:8656:f5c0:93a1
2600:9000:2182:8e00:6:44e3:f8c0:93a1
2600:9000:21f3:2600:4:164e:ca00:93a1
2600:9000:21f3:3400:9:46dc:4700:93a1
2600:9000:21f3:400:5:c4ab:c3c0:93a1
2606:4700:10::6816:1857
2606:4700:20::ac43:4a81
2606:4700::6811:a45c
2606:4700::6812:778
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:809::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200d
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9b
2a02:fa8:8806:16::1400
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.52.76
3.126.56.137
34.98.107.212
35.210.178.101
35.227.252.103
37.157.3.30
5.178.65.246
51.210.112.236
52.15.219.226
52.209.246.140
52.52.210.165
52.58.236.252
54.77.47.243
62.149.0.72
66.155.71.150
68.71.249.118
72.251.241.206
72.251.249.9
85.114.159.93
87.98.228.78
88.214.206.142
95.100.67.45
0027841f92780e946fec18b796bdf47d838f2754bf088d070bee0d05af5cb352
03112acd9c57a388e0b941fcf3039083be72bb2baf40ecf9674dec4b34979628
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699
0d64a83b77d799d875548cf765e0915332c05bd0d35e16f8ac77b2f61e1942db
0e8c55aad29c6c5335dd33118cf6a3c50eede149dd23ebf9e319994af4ff2c1b
0e908169efe246fe309000e9b534eb9688d143d5274aa869c60820e183a5ba22
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1c2aa2f06e5988157ced8a192eb80882ee53b335349c019a43012b97969b1196
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1d9ab789424bde850c38ee4de1baecb8fd607a6dc2bc8e290f0855b764556a38
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1df24655e887d55074e3b6e289e842ac418155623d437261ab89c8769ff9a40e
215d7007608c04cbc18995aa5642f39f881bb84d4a8296c30902f5a3cf3075c9
223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24009217eb0450d37b206de1f216e6131c98e81ff92979cf3879dcb7ef7bed33
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
25e9ce5a31931b377a1abe5165627815059a58718c8ff77532ebc4c6e9a62982
29c87969f14380f83f141fe0cd927e09178cf4d911ae959d0f15da0d045bd3ca
2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eff02bfde136039cb0b3616762a892e90b194beace6bee5b16df31ea116c003
2f5e59efe8e5c6f06d37bb378e9e6f0131a8fba874ea39b3b962b6dd556bc238
30f96a295330e8d25e3b30194d77969ba5c9eb30d1e4ed432a25e3361a916824
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
34be304d302041ded9c1a05a63b20fba66df7b38ad76e4bf18b3ad3440d272b4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3996bbffc767d98d55b0c72079ac2aec9b17e1d89bc063712ef2c2b908794c74
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c
41f61ace1fa1d217111ac0123c9ca8ead22792a6ab75a7ba0a7a8195a656a785
4392d70695dfda19d4360c844523a40adf48a13d394d134915ef66d17fcedbf1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46810517680519658591802dcac9a58bcd1315a5ea1ba1d1a2dbffbbb94bb728
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9813007a17b0f1dc8a89199ccc72aff93ec1b1a6ab881d2a0bfc0757c6c340
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fd4f6fc29de939e9168f0777ab7718bfefe976ffa2543a3e5cac396615ff8ef
57aa9b6d3288c983ba267ee97f1dc4b4e24e7c671f8e0ecbda929a1b473ef598
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
615f43935725f4d8fc5723208a5cb7bfc84ae65364f11fdef39d6259b2b3b7fa
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
677283e052e30681c33e46fdd8d07c52e94252de6a74e85ec8a3ae34deb89a3a
6868b7863523b4d462af7ebcb7bce9f9b449dcc62f1be2a23951308647e59822
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec994bc577b39bf0926807b16f4ed65437b7c3bc96b7e6cc6e83e81da1486f0
6f6d00a25c34779a72589e25e81044a7a154b8d628e5938af4f9145f065fe1a7
72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
755409f2b193a33dab1fd716eb88f3db8692214ca51a1b9ede08da343ffc8e08
75d780af3544a8850223c642a08d880a057db4198b22d85b03709fabb2fb3429
75de4c6311cf9e546ed737c1569c82f9dd9984f0b7126f79efce1059b71a8b3a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7af09cddf0ae0df8047cd6d1cbc80efac70e4cd10a08b1a095d29d52f107b1f2
7cac8f930733b1871472e82a24ef8ebda4923f03cf116b742ff1e903bd3c9649
7d39324eb084938b8ddd7606c2f0e73d99543faed1e54fa96684563eb5a9badc
7ec1eb321020199cbe8c9dd9245d3763df708279c96fb72621c3489b772f136d
8135c9d4c43dac0e1090d595ed76141fea6262cbe40ba5d585f253bc756f1c68
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85401665325c245c211abdd6777bf10220ebf4765a8839d722e9af3d3a65986b
8666b36f5df02ac7d1f8b41beed4ad6b39b3492cd648a0d2f169bfb12b92a4fc
867bde5f1930963a16e7dac4c891142edaa529a4428bb3486165757b7c8ead08
8827be58015acc0964812101fa9beefe28878fc271167b849184338a24ba8c55
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
90f64f9b25a1f6625cf5fea852ef3b0e3bd895fd0f068229140eea237cb230ed
933fb1d08e2909b241e54b1e9f01da1e245b949656eb442c6338b59cd8cb6d0d
964dcb8552e8038a469bd8f55982cafc9f8980ccc9fa357bd144dc9a142538f3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
9c7ea3784d742eed74c3a432b05499d72262ca2e3a903def29cc4677319432b1
9ee381735bbfc3ee0873e073e594c1d5a41bf4b0ecbf3d0674251bea5b963441
a0dcf32e5450287bf01d6ebd7e1f9416d155b736b7bbe764c08724b6c43e03fd
a10a2389cb4de1b2b45305a698ba43c873a4a21a296740809590abde2c95f641
a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf
a7167af91b1403339ebd72fed59fb0b76df8c6d749b1fbac79b3770760411c71
ac6cea962fc5c9b104331f38097c31bc782e331285a8eb9b4a5f1e9e8a44b248
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7
b8109670308a928f07d4470f7fd6bf1d696eb58550cd9801d75e7aad8925d26d
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c5bfd77ac8f9e75d95a6bced01749a3d3a9592bc2fd40cc76018cabb83a8398f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca57111ebd3e8be04bcf49a11f3b2afa2d9a457f744a4a72fb5bfb46f922a416
ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9
ca7f7f2f1530f32622fc0c76791f400659a18bf740f4ccf34be404d923a0f4fb
cbd0e12b1246f6280d9cd402284261eb3e81a9b5c6e179ae5d1a20b7731a4fa7
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf97790c17eeaa7bad43fd976b5a96666e91fc07e94dc99259f01170a1b0432f
d79c9dcc9b5cf47dcabcf51d9e0f17c7e9985bb0ece2706ca6aee8f0a3ba69f1
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dc50db1ce871f864abc7cbc4c790866577afe6e0145ccde42c8adaf06860d04c
dc935257a35a20527490ac266f61f529e5fbbaf58ef0adde233bf1a67e405909
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e11b9f0cb8b23239a86a352aa88bb8c919df0f1f099c65c4a0c47456ce027ff7
e165ee9ed8a5dd7afdd5c60cd5e3140bea0d1ede177f740e91cc8a645c1dc80f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e583af855c8e4ebd9c7218cf624d763268fa478ca34dcddf43d9de52bfb7088f
e6ccef193e037e86370ce6e1d310524d4e3371d6515c7e7e0616051cf8475f58
eb0cada7c2499556527a397894c7c149df7cde682d44f227e700095c5cc9d049
eb30289f9e4df7ea7a22714a51d911e790e76d3debdbd9139cc201028b0ca35a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f088f31199206ae1c853bfa69d6f238323f11080ab93715f6afb35566d5b1ddc
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f34a4609bbe3daae1e5dd0aee7f32e91830a2ec7660b9c720aca01612100e166
f775700ca680cecc4ff2df40ebaa47a607e4f770c76a1b4342b7b15497545daa

www.majorgeeks.com Open in urlscan Pro 23.111.189.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

193 Requests

100 %HTTPS

34 %IPv6

68 Domains

93 Subdomains

64 IPs

12 Countries

2643 kBTransfer

6315 kBSize

6 Cookies

35 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

100 %
HTTPS

34 %
IPv6

68
Domains

93
Subdomains

64
IPs

12
Countries

2643 kB
Transfer

6315 kB
Size

6
Cookies

193 HTTP transactions
1 data transactions