www.majorgeeks.com Open in urlscan Pro
51.81.2.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m.majorgeeks.com/mg/get/automouse,1.html
Effective URL:
https://www.majorgeeks.com/mg/get/automouse,1.html
Submission Tags: falconsandbox
Submission: On September 25 via api (September 25th 2022, 5:30:30 pm UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 34 domains to perform 91 HTTP transactions. The main IP is 51.81.2.245, located in United States and belongs to OVH, FR. The main domain is www.majorgeeks.com. The Cisco Umbrella rank of the primary domain is 315076.
TLS certificate: Issued by R3 on July 30th 2022. Valid for: 3 months.

This is the only time www.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

automouse.exe 1 MB application/x-dosexec

SHA256: 4466ca0a5a036e146b2f9cc44b2267148205dd86a33e85f941e4ff653eef8711

MIME: PE32 executable (GUI) Intel 80386, for MS Windows

Size: 1 MB (1172560 bytes, 100% done)

Downloaded from: https://autoclose.net/down/automouse.exe

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.81.2.247 51.81.2.247	16276 (OVH) (OVH)
1 13	51.81.2.245 51.81.2.245	16276 (OVH) (OVH)
6	51.81.2.248 51.81.2.248	16276 (OVH) (OVH)
3	2400:52e0:1e0... 2400:52e0:1e01::879:1	200325 (BUNNYCDN) (BUNNYCDN)
1	99.86.237.170 99.86.237.170	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:a27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
8	23.35.236.122 23.35.236.122	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:2483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:402... 2a00:1450:4025:402::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	108.138.7.28 108.138.7.28	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:6200:0:1651:6140:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.30.36.120 52.30.36.120	16509 (AMAZON-02) (AMAZON-02)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::863:1	200325 (BUNNYCDN) (BUNNYCDN)
1	52.30.118.233 52.30.118.233	16509 (AMAZON-02) (AMAZON-02)
1	173.199.141.156 173.199.141.156	32244 (LIQUIDWEB) (LIQUIDWEB)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
91	44

1 51.81.2.247 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: m.majorgeeks.com

m.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 51.81.2.245 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: majorgeeks.com

www.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.81.2.248 (United States)

ASN16276 (OVH, FR)
PTR: ra.majorgeeks.com

ra.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e01::879:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.237.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-237-170.vie50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a27 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.buymeacoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.236.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-122.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-28.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:6200:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)

d1oykxszdrgjgl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

3e78cdeeaa665a642510f23f2ba9c2f1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.36.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-36-120.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::863:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdn1.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.118.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-118-233.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.199.141.156 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.pdferaser.net

autoclose.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	majorgeeks.com 2 redirects m.majorgeeks.com — Cisco Umbrella Rank: 831547 www.majorgeeks.com — Cisco Umbrella Rank: 315076 ra.majorgeeks.com — Cisco Umbrella Rank: 612365	261 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 761 gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	9 KB
8	googlesyndication.com 3e78cdeeaa665a642510f23f2ba9c2f1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	42 KB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180	171 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1571 m.addthis.com — Cisco Umbrella Rank: 1521	218 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9563	2 KB
4	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 20363 cdn1.vntsm.com — Cisco Umbrella Rank: 192953	355 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1785 mp.4dex.io — Cisco Umbrella Rank: 2010	24 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	58 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1422	15 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9081	914 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3603	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 40	35 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	392 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 463	626 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 9115	298 B
1	autoclose.net autoclose.net
1	venatusmedia.com track.venatusmedia.com — Cisco Umbrella Rank: 26372	167 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1006	278 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 683	171 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 228	836 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433	118 B
1	cloudfront.net d1oykxszdrgjgl.cloudfront.net	41 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1400	596 B
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1041	941 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1358 api.rlcdn.com Failed	37 KB
1	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 25926	667 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1765	931 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 403	1 KB
1	gstatic.com fonts.gstatic.com	24 KB
1	buymeacoffee.com cdnjs.buymeacoffee.com — Cisco Umbrella Rank: 59218	6 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5039	1 KB
91	34

	Domain	Requested by
13	www.majorgeeks.com	1 redirects www.majorgeeks.com
6	securepubads.g.doubleclick.net	hb.vntsm.com securepubads.g.doubleclick.net
6	ra.majorgeeks.com	www.majorgeeks.com ra.majorgeeks.com
5	mc.yandex.com	2 redirects www.majorgeeks.com
5	s7.addthis.com	www.majorgeeks.com s7.addthis.com
4	gum.criteo.com	2 redirects d1oykxszdrgjgl.cloudfront.net
4	pagead2.googlesyndication.com	hb.vntsm.com tpc.googlesyndication.com
3	mug.criteo.com
3	tpc.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net
3	hb.vntsm.com	www.majorgeeks.com hb.vntsm.com
2	static.criteo.net	d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
2	script.4dex.io	d1oykxszdrgjgl.cloudfront.net
2	i.clean.gg	hb.vntsm.com
2	adservice.google.com	securepubads.g.doubleclick.net d1oykxszdrgjgl.cloudfront.net
2	adservice.google.de	securepubads.g.doubleclick.net d1oykxszdrgjgl.cloudfront.net
2	mc.yandex.ru	1 redirects hb.vntsm.com
2	m.addthis.com	s7.addthis.com
2	www.google-analytics.com	www.majorgeeks.com www.google-analytics.com
1	match.adsrvr.org	hb.vntsm.com
1	id5-sync.com	hb.vntsm.com
1	lexicon.33across.com	hb.vntsm.com
1	autoclose.net	www.majorgeeks.com
1	track.venatusmedia.com	hb.vntsm.com
1	cdn1.vntsm.com	www.majorgeeks.com
1	www.google.com	d1oykxszdrgjgl.cloudfront.net
1	prebid.a-mo.net	hb.vntsm.com
1	ad.360yield.com	hb.vntsm.com
1	mp.4dex.io	hb.vntsm.com
1	ib.adnxs.com	hb.vntsm.com
1	hbopenbid.pubmatic.com	hb.vntsm.com
1	bidder.criteo.com	hb.vntsm.com
1	3e78cdeeaa665a642510f23f2ba9c2f1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d1oykxszdrgjgl.cloudfront.net	hb.vntsm.com
1	geo.privacymanager.io	ats.rlcdn.com
1	ad-delivery.net	hb.vntsm.com
1	ats.rlcdn.com	hb.vntsm.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	hb.vntsm.io	hb.vntsm.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cdnjs.buymeacoffee.com
1	ajax.googleapis.com	www.majorgeeks.com
1	cdnjs.buymeacoffee.com	www.majorgeeks.com
1	cdn-images.mailchimp.com	www.majorgeeks.com
1	m.majorgeeks.com	1 redirects
0	api.rlcdn.com Failed	hb.vntsm.com
91	47

This site contains links to these domains. Also see Links.

Domain
www.restoro.com
ra.majorgeeks.com
buymeacoffee.com
www.contentteller.com
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.addthis.com

Subject Issuer	Validity	Valid
majorgeeks.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
ra.majorgeeks.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-08`	a year	crt.sh
cdn-images.mailchimp.com Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
buymeacoffee.com Cloudflare Inc ECC CA-3	`2022-05-05` - `2023-05-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.venatusmedia.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
autoclose.net cPanel, Inc. Certification Authority	`2022-07-20` - `2022-10-18`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-08-27` - `2022-11-25`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh

This page contains 9 frames:

Frame: https://autoclose.net/down/automouse.exe
Frame ID: 546E5B2C958CCB78F371661E57DCE914
Requests: 74 HTTP requests in this frame

Frame: https://www.majorgeeks.com/images/mg/yt.html
Frame ID: F2B15D14EA9AF856B6EE84BDE903788D
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FEE5FE03777B176AEE2C89161A8D131A
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D66EF61BE54B6048CA404CCF8A434522
Requests: 1 HTTP requests in this frame

Frame: https://3e78cdeeaa665a642510f23f2ba9c2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0DC4D187D3A84905E3A038126D64094E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D61A701E705BBF606D8592189A160B25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC5FECE0CD948CE1D78375F662F7C483
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.vntsm.com/TimeBucks/728x90.jpg
Frame ID: 6698E48E266BF5D24EEEE6361B7A7DED
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.majorgeeks.com
Frame ID: A0480630CC982D29E755AE081A6E0C38
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download AutoMouse 1.0FacebookTwitterInstagramYouTube

Page URL History Show full URLs

https://m.majorgeeks.com/mg/get/automouse,1.html HTTP 302
https://www.majorgeeks.com/mg/get/automouse,1.html Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

91
Requests

93 %
HTTPS

57 %
IPv6

34
Domains

47
Subdomains

44
IPs

9
Countries

1383 kB
Transfer

3657 kB
Size

32
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.restoro.com/includes/route.php?tracking=Majorgeeks&banner=dltxt&lpx=uyrn
Title: Click Here to Repair/Restore Missing Windows OS Files Damaged by Malware

Search URL Search Domain Scan URL

URL: https://ra.majorgeeks.com/www/delivery/cl.php?bannerid=112&zoneid=4&sig=aca93e3ff174dd7df640b74d69ef1d46cc79f26ae8acb151566d0089ca68d505&oadest=http%3A%2F%2Fwww.restoro.com%2Fincludes%2Froute.php%3Ftracking%3DMajorgeeks%26banner%3DMGLP-SC-uyrn%26lpx%3Duyrn

Search URL Search Domain Scan URL

URL: http://buymeacoffee.com/majorgeeks
Title: Buy a Geek a Coffee

Search URL Search Domain Scan URL

URL: https://www.contentteller.com/
Title: Contentteller® Business Edition

Search URL Search Domain Scan URL

URL: http://www.facebook.com/majorgeeksdotcom
Title: Follow on FacebookFacebook

Search URL Search Domain Scan URL

URL: https://twitter.com/majorgeeks
Title: Follow on TwitterTwitter

Search URL Search Domain Scan URL

URL: http://instagram.com/majorgeeksdotcom
Title: Follow on InstagramInstagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/majorgeeks?sub_confirmation=1
Title: Follow on YouTubeYouTube

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m.majorgeeks.com/mg/get/automouse,1.html HTTP 302
https://www.majorgeeks.com/mg/get/automouse,1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9772.LsCbPn5dzPZBZWbEX_ZPRdPFQFunsgJayIL5XlY02vpX7PKyCUOtvZfDGQkdpl81.NuAuAgiEWB9gQWclzgkKJNzdglM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9772.bGCZ3Y8rhkPEhnm1765m1WP_F_0pcrMyLFfN8SGpaKceJ085-wrm3NLwrSB3N9mZpUbJ7TxtwnAjqUH5_oYv8A%2C%2C.yK2xs69WJ_Fyi-YNREyi-N8tWUw%2C

Request Chain 62

https://mc.yandex.com/watch/89382074?wmode=7&page-url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1278344613638%3Ahid%3A402205394%3Az%3A0%3Ai%3A20220925173026%3Aet%3A1664127026%3Ac%3A1%3Arn%3A872385706%3Arqn%3A1%3Au%3A1664127026318362862%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A13%2C564%2C126%2C1%2C707%2C0%2C%2C775%2C15%2C%2C%2C%2C2186%3Acpf%3A1%3Ans%3A1664127023165%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664127026%3At%3ADownload%20AutoMouse%201.0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/89382074/1?wmode=7&page-url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1278344613638%3Ahid%3A402205394%3Az%3A0%3Ai%3A20220925173026%3Aet%3A1664127026%3Ac%3A1%3Arn%3A872385706%3Arqn%3A1%3Au%3A1664127026318362862%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A13%2C564%2C126%2C1%2C707%2C0%2C%2C775%2C15%2C%2C%2C%2C2186%3Acpf%3A1%3Ans%3A1664127023165%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664127026%3At%3ADownload%20AutoMouse%201.0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 76

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=ndctupckv050fap6pl8cfdnt34 HTTP 302
https://autoclose.net/down/automouse.exe

Request Chain 80

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.majorgeeks.com%2F&domain=www.majorgeeks.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=brF9JHxXenRncTBHZnZHZm9xOG9MbXRYMXhjNmdMSVZieDNBQVgzNFVYbnFRcStod1hHaUk5cFhBdXdPSDhUMU40UjJ6NnByRGFFQ3AvZHBBUEtINXdubFhmbHVwRnV1Q0RIZ2VsZ05EWFBVMk0ydHI3bEMwUUlzYS9wc1p1OWFWNDJyRy9RVmNnbGJybFJkNVlCMUp4U2ZhczZoNU80R096ZDVMOGN6OSs0emFQUm9XVlBxblNwNmZiVnlMZFFhSmlUWVVtYzhQUS9nVldsT2ROcWVqNCtkMFVmN1JYYStJcDh3Wi85dzFGdDlHenNuRlU1MFlqM3JYSVdBbG54NVhtdVJnfA&cppv=2

Request Chain 88

https://gum.criteo.com/sid/json?origin=publishertag&domain=majorgeeks.com&sn=ChromeSyncframe&so=3&topUrl=www.majorgeeks.com&bundle=oRkRBV8zSTNXSk9sdWhZZzdMU3l0R282ZGxVSmNXY3BCTmFWU0JTcjI4Qkt2cnNDTUl3NTRxU3FDU1lOZDJDVFVQdm44dHNsSFU4JTJGZm9pRVpHJTJGaGxkOUFmV2lCUkQlMkJiJTJCTThZTDBpN0Y3aDJDNEpiJTJCUUpaY1JBcjRyMVJSNmFlSiUyQnRNYQ&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=eP9rFHxoY2hqeSt3QjFEL0V5cW1RNktoT3hEQXdrSUY1SzF0NFF1cWR6WXc5TmV5Q3lyUFJXcEEyYmNZTzhINUlIQlhoODg4MG82K05Rb3Bhc2FlNnlYVFllbmhXeGxsSm5JMk8vNlhTZk1YSzRubU04M3NIcVM5V0VvUVUwWGtOTjUzNWxhNmc1cVBpMmx2VS9laGVZenc5RUFwVU9JVG8rd3dvZWtXM013OC9EZEQwdVZwM3ZRZWpKWVJlNmV3TllqdHpCd1QrZ1d2YVF2dHFsMENhZjYxcXNEMGRmcnR5ZnJzSHR4dk5TOVFDb2xLcndLR1Y4ajdHUXJKUCtsdjI2Y2NiUzNadkVmWTlvNWhpZ21MUnphUldIRllDVEFzK2RQYWJVbkxxaVRFc1p1UT18&cppv=2

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request automouse,1.html Show response
www.majorgeeks.com/mg/get/
Redirect Chain

https://m.majorgeeks.com/mg/get/automouse,1.html
https://www.majorgeeks.com/mg/get/automouse,1.html

13 KB
5 KB

703ms
126ms

Document
text/html

51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 925319dda56a4d508f38adbc65bbf790c455e5e374d9a68a6fc1de4f9ae4ea0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5126
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 17:28:40 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 17:28:39 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.10 (Debian)
location: https://www.majorgeeks.com/mg/get/automouse,1.html

GET
H/1.1 200
OK jquery.js Show response
www.majorgeeks.com/core/javaload/ 95 KB
33 KB 116ms
115ms Script
text/html 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/core/javaload/jquery.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 33760

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 47 KB
5 KB 110ms
110ms Stylesheet
text/css 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: f223b501bc77cb00c1213bee7352dbdbb808a8fd6fab3542e4401054683032d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 4662

GET
H/1.1 200
OK spcjs.php Show response
ra.majorgeeks.com/www/delivery/ 2 KB
1011 B 437ms
109ms Script
application/x-javascript 51.81.2.248
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/spcjs.php?id=1&target=_blank
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.248 , United States, ASN16276 (OVH, FR),
Reverse DNS: ra.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: ba46dc8a9c0712fe4e00fc81cbc11403a00993b5ce75ae21ab72ace222a39bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=5, max=100
Content-Length: 682
Expires: Mon, 26 Sep 2022 17:28:40 +0000

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ 1 MB
309 KB 153ms
14ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 7cb61e152f74ee884179025816887a6248a0aca3c91ff91388e2298cc9385bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: br
cdn-edgestorageid: 883
access-control-allow-origin: *
cdn-cachedat: 09/25/2022 08:40:27
cdn-pullzone: 131999
cdn-requestpullsuccess: True
server: BunnyCDN-AMS-879
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified: Wed, 21 Sep 2022 10:54:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"8248f522a0ff413049b6cbaa4deed84d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cdn-cache: HIT
x-bl: 0
cache-control: public, max-age=86400
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 5e181f75bbf73de6a28cc752e65b2d9f
cdn-requestcountrycode: RU
cdn-status: 200
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl

GET
H/1.1 200
OK majorgeeks.gif
www.majorgeeks.com/images/logos/ 16 KB
16 KB 107ms
105ms Image
image/gif 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/logos/majorgeeks.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Last-Modified: Thu, 30 Dec 2004 13:36:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4081-3ec755e169900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 16513

GET
H/1.1 200
OK click_here.gif
www.majorgeeks.com/images/ 1 KB
2 KB 104ms
103ms Image
image/gif 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/click_here.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Last-Modified: Wed, 08 May 2013 03:02:26 GMT
Server: Apache/2.4.10 (Debian)
ETag: "5c4-4dc2c29df1480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1476

GET
H/1.1 200
OK red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 1 KB
2 KB 209ms
103ms Image
image/png 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Last-Modified: Wed, 08 May 2013 03:03:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "57a-4dc2c2dfbefc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1402

GET
H/1.1 200
OK asyncjs.php Show response
ra.majorgeeks.com/www/delivery/ 4 KB
5 KB 112ms
111ms Script
text/javascript 51.81.2.248
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/asyncjs.php
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.248 , United States, ASN16276 (OVH, FR),
Reverse DNS: ra.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: a0443e5d9337be48637e710b151e8bc52482cfe4a7921b81998959a557c0f6cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Server: Apache/2.4.10 (Debian)
P3P: CP="CUR ADM OUR NOR STA NID"
ETag: e1ae6e2743255c6dac1aff6e1e0dbfb4
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, max-age=3600
Connection: Keep-Alive
Expire: Sun, 25 Sep 2022 18:28:40 GMT
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 77ms
21ms Stylesheet
text/css 99.86.237.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.237.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-237-170.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 76270
ETag: W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 315b8dfb52e5c49bd834510b0301e938.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Sat, 24 Sep 2022 20:19:15 GMT
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 3ID7NoOnE-7NXgb-WT2z69QQVaPFTDptvhvscjbPz92y5wBOS1v5XA==

GET
H/1.1 200
OK advertisement.js Show response
www.majorgeeks.com/b/ 45 B
340 B 103ms
103ms Script
application/javascript 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/b/advertisement.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Last-Modified: Sat, 29 Apr 2017 07:29:37 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2d-54e4926fdaee0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 45

GET
H2 200 button.prod.min.js Show response
cdnjs.buymeacoffee.com/1.0.0/ 12 KB
6 KB 67ms
42ms Script
application/javascript 2606:4700:20::681a:a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.buymeacoffee.com/1.0.0/button.prod.min.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fb65848f96b3ff94f28486228ecdd3caaf4e5400f885429a19d37753d9bb6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GCB7NVNWGXA8C0JPXNZ7GCCT
date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1586454
etag: W/"4f866b7d86e5fb16ebe5350c56340fe7-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjeT4p9jwjWKfD0Ag8caf%2BhJDbGYONAbh4IW20PfIDlhmfCgqwm6p7JDVUDKWkCI%2FqS4qlu3jdxfqgjSA5SkzLtoEThMyBtnkBqlxnoUvm%2Bb9hU6ufx63EAUiDdIxWu%2BjnphxK0%2FR78W19SXwnMyOEtFcaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2678400, must-revalidate
cf-ray: 75057cd25be09b25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 110ms
29ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 14:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:17:19 GMT

GET
H/1.1 200
OK sub.png
www.majorgeeks.com/images/mg/ 5 KB
5 KB 210ms
103ms Image
image/png 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/mg/sub.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3b217421063cbb46bc380452b448c15a337159a9555161b6cbd442653959fdd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Last-Modified: Mon, 22 Nov 2021 16:03:11 GMT
Server: Apache/2.4.10 (Debian)
ETag: "120a-5d162c2fd2720"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4618

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 3 KB
3 KB 310ms
109ms Image
image/png 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=tasks
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:40 GMT
Content-Disposition: attachment; filename="index.png"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 2808
Server: Apache/2.4.10 (Debian)
Content-Type: image/png

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 64ms
23ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 25 Sep 2022 17:30:25 GMT
x-host: s7.addthis.com
content-length: 116360

GET
H/1.1 200
OK spc.php Show response
ra.majorgeeks.com/www/delivery/ 8 KB
2 KB 126ms
126ms Script
application/x-javascript 51.81.2.248
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/spc.php?zones=3%7C9%7C2%7C1%7C5%7C8%7C7%7C4%7C10&source=&r=23556878&target=_blank&charset=UTF-8&loc=https%3A//www.majorgeeks.com/mg/get/automouse%2C1.html
Requested by: Host: ra.majorgeeks.com
URL: https://ra.majorgeeks.com/www/delivery/spcjs.php?id=1&target=_blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.248 , United States, ASN16276 (OVH, FR),
Reverse DNS: ra.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 671d1256729bae9a790db10a866d9924bf30bd3dc13e462076ea46ec9fbeee3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 17:28:40 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript; charset=UTF-8
Keep-Alive: timeout=5, max=99
Content-Length: 1566
Expires: 0

GET
H2 200 css
fonts.googleapis.com/ 708 B
869 B 138ms
51ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: cdnjs.buymeacoffee.com
URL: https://cdnjs.buymeacoffee.com/1.0.0/button.prod.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 17:12:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 17:30:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 17:30:25 GMT

GET
H/1.1 200
OK yt.html Show response
www.majorgeeks.com/images/mg/ Frame F2B1 473 B
675 B 145ms
99ms Document
text/html 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/images/mg/yt.html
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 989624275373769a6b4650df7117d94f78b892cfc48ef0edf77ced932216f162

Request headers

Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 338
Content-Type: text/html
Date: Sun, 25 Sep 2022 17:28:40 GMT
ETag: "1d9-5d163997b7e00-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 22 Nov 2021 17:03:10 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
23ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 867
date: Sun, 25 Sep 2022 17:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 25 Sep 2022 19:15:58 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 109ms
30ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.majorgeeks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 10:23:17 GMT
x-content-type-options: nosniff
age: 457628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 10:23:17 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 85ms
30ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D4F9BC037745A45A
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29778
accept-ranges: bytes
content-length: 948
x-amz-id-2: gnz0ua21kg5yJNFXNFsbCAMRUIGVR8efGH4YbaY9gEEBDpOa0NAtsztaQ1J9dcnHXzcgPPszAaw=

GET
H/1.1 200
OK asyncspc.php Show response
ra.majorgeeks.com/www/delivery/ 923 B
1 KB 115ms
114ms XHR
application/json 51.81.2.248
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/asyncspc.php?zones=4&prefix=revive-0-&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html
Requested by: Host: ra.majorgeeks.com
URL: https://ra.majorgeeks.com/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.248 , United States, ASN16276 (OVH, FR),
Reverse DNS: ra.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: d3820c39acd92b493c18d9668577e7c53de5f1fd20620e2a0c06396cffc4ed38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 17:28:40 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=97
Expires: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/majorgeeks/ 3 KB
931 B 178ms
152ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ca0514a320b064b339c00168adad97966752dfa5f0006ccf956c9a66167c323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: gzip
etag: 1338643683--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=7, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 755

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 162ms
149ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6330903147a3a8bb&bkl=0&bl=1&pdt=1417&sid=6330903147a3a8bb&pub=majorgeeks&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.majorgeeks.com&fp=mg%2Fget%2Fautomouse%2C1.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=automatic%2Cclicker%2Cmouse%2Cprovides%2Crecorder%2Csimple%2Cstraightforward%2Cthat%2Ctool&colc=1664127025363&jsl=1&uvs=63309031c57c25ea000&skipb=1&callback=addthis.cbs.jsonp__5606503879872140
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52d8b5f25948fa6b70a0914fc21d9d0548815c4b8ab4b4437b9b63967843faea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:25 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FEE5 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame D66E 71 KB
26 KB 64ms
64ms Document
text/html 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sun, 25 Sep 2022 17:30:25 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 21ms
21ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1790640339&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&ul=en-us&de=UTF-8&dt=Download%20AutoMouse%201.0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=139739578&gjid=8700101&cid=904299330.1664127025&tid=UA-956038-1&_gid=897298424.1664127025&_r=1&_slc=1&z=384371753

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
667 B 145ms
27ms Fetch
text/html 2606:4700:10::ac43:2483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
cf-cache-status: HIT
age: 2608
cf-ray: 75057cd5b9cb9bf5-FRA
content-length: 32
x-amz-id-2: wQUzeS41Uef2+qnpmflnjv1CeJYq8mfPwiCoAn8ARoxBjKHhJa3fAkZll+ZSZe5wxo0gpg/I5cw=
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: M09X9NVTK2W8Z5PG
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, origin, Origin
cache-control: max-age=14400
accept-ranges: bytes
content-type: text/html

GET
H2 200 62bed880e65ec72a4c1f9a7d.enc Show response
hb.vntsm.com/v2/live/ 59 KB
7 KB 329ms
329ms XHR
text/plain 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/62bed880e65ec72a4c1f9a7d.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 85e9eb4ea03c6db7cd1c52be2e64702e251cd66150c6b8c1a9143a73f250b864

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
ref_url: aHR0cHM6Ly93d3cubWFqb3JnZWVrcy5jb20vbWcvZ2V0L2F1dG9tb3VzZSwxLmh0bWw=

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: br
cdn-edgestorageid: 883
access-control-allow-origin: *
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cdn-cachedat: 09/25/2022 08:40:58
cdn-pullzone: 131999
server: BunnyCDN-AMS-879
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified: Fri, 16 Sep 2022 13:19:05 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"294d56027edc6aed0385a071ef1673a9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
cdn-cache: HIT
x-bl: 0
cache-control: public, max-age=86400
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: a9f92d97606b1bf1237f37fee198ffdc
access-control-allow-credentials: true
cdn-requestcountrycode: RU
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 113ms
18ms XHR
text/plain 2a00:1450:4025:402::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-956038-1&cid=904299330.1664127025&jid=139739578&gjid=8700101&_gid=897298424.1664127025&_u=IEBAAEAAAAAAAC~&z=689297987

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Sep 2022 17:30:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d4db4f381cea0e53fae0dbbfa4dfba6d.png
ra.majorgeeks.com/www/images/ 36 KB
37 KB 106ms
106ms Image
image/png 51.81.2.248
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/images/d4db4f381cea0e53fae0dbbfa4dfba6d.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.248 , United States, ASN16276 (OVH, FR),
Reverse DNS: ra.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:41 GMT
Last-Modified: Wed, 09 Mar 2022 13:31:56 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9150-5d9c91f0e25a0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 37200

GET
H/1.1 200
OK lg.php
ra.majorgeeks.com/www/delivery/ 43 B
723 B 314ms
116ms Image
image/gif 51.81.2.248
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=112&campaignid=38&zoneid=4&OACBLOCK=86400&OASCCAP=3&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&cb=4b74ce0bca
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.248 , United States, ASN16276 (OVH, FR),
Reverse DNS: ra.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 17:28:41 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
11ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 25 Sep 2022 17:30:25 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

OPTIONS
H2 200 62bed880e65ec72a4c1f9a7d.enc
hb.vntsm.com/v2/live/ Frame 0
0 38ms
12ms Preflight
application/octet-stream 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/62bed880e65ec72a4c1f9a7d.enc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ref_url
Access-Control-Request-Method: GET
Origin: https://www.majorgeeks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-pullzone: 131999
cdn-requestcountrycode: RU
cdn-requestid: d695d19bf2a2031d5a0b4083f496383f
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type: application/octet-stream
date: Sun, 25 Sep 2022 17:30:25 GMT
server: BunnyCDN-AMS-879
x-bl: 0

GET
H/1.1 200
OK yt.png
www.majorgeeks.com/images/mg/ Frame F2B1 136 KB
136 KB 104ms
104ms Image
image/png 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/mg/yt.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/images/mg/yt.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 62f325916b2e16d9a1f42e99ff75265236ccaa7153d41e177ef35e5365629ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/images/mg/yt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:41 GMT
Last-Modified: Mon, 22 Nov 2021 16:03:08 GMT
Server: Apache/2.4.10 (Debian)
ETag: "21e5c-5d162c2c23160"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 138844

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ 2 KB
1010 B 11ms
11ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-688"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 25 Sep 2022 17:30:25 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

GET
H2 200 143.3d8bb49f121080f7c65c.js Show response
s7.addthis.com/static/ 625 B
644 B 17ms
16ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-271"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 25 Sep 2022 17:30:25 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 404

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98de1792287905262a039021a988f2d1f9e00157cb7a64522f6bb871ee53e28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27830
x-xss-protection: 0
server: sffe
etag: "1344 / 260 of 1000 / last-modified: 1663970755"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 25 Sep 2022 17:30:25 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 206 KB
71 KB 244ms
103ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
etag: "632d6d03-11a8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72330
expires: Sun, 25 Sep 2022 18:30:25 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 39ms
8ms Script
application/x-javascript 108.138.7.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
etag: W/"148e21f812b555a13b2a9c6b616141f4"
age: 26678
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
date: Sun, 25 Sep 2022 10:05:48 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: 8HiYpUYvGi0KRGaFVvNuGWV3J1qeQqN9xexdo5NvicHubjh3qyQkkQ==

GET
H2 200 px.gif Show response
ad-delivery.net/ 43 B
941 B 45ms
15ms Fetch
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Sun, 25 Sep 2022 17:30:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 369265
x-guploader-uploadid: ADPycduZTvGxVXWn1jfZEyZHrVSpJL3TSjpFe6QTP4oaTP3k_2HYksVtR4jpwMZXCY49oUGS1xdSgwxhQDK9EYlaOLCUug
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWRvGKltYfoBmpXOBPdBNEPYnlR9X3r20KXB7u4lvwug9JoVDCsgwrgFefkBXdBRfy8aX3WzDsjxTsz21y1Om57RMTqBVDLJCuw6MP1ELgqyGcnDDacNF%2FhBm9as874xY0TMW8j%2FMZrGD2UYXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 75057cd79bef9969-FRA
expires: Wed, 21 Sep 2022 11:00:59 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 42ms
8ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 01:05:12 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront), 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
age: 59113
x-amzn-requestid: 77bc80ad-8a4e-44fa-8b03-38681ff5a208
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-632fa948-7449fd0f64fb96ad54bc15db;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: Y_djSF9ZDoEFTPA=
content-length: 30
x-amz-cf-id: iL91e25EiASSAM-yNa4MMiFgir39iDGSzjTRn0XvaW9eBCao-5jC1w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3 200 pubads_impl_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 12:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131075
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Sep 2023 12:48:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 168 B
142 B 57ms
27ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.majorgeeks.com

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4721c96bdcfe5771f382a4b9906ca2db42cbabd58a0c6a40095d657d67fa96af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Sun, 25 Sep 2022 17:30:25 GMT

GET
H2 200 script.js Show response
d1oykxszdrgjgl.cloudfront.net/ 120 KB
41 KB 49ms
9ms Script
application/javascript 2600:9000:2250:6200:0:1651:6140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6200:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 933d3bbb9521bf55d0461e1a875c7397af82d961361227c155617c890905ef76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:22:01 GMT
content-encoding: gzip
last-modified: Sun, 25 Sep 2022 02:07:58 GMT
server: AmazonS3
age: 505
etag: W/"ae3d4ae705c301c8302559d38187d434"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: DNngAHqPVO6jJ-Z6xby6gQivCG1kwQ3Y3VhUq8a7mJqGFDFkEjQdVA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 82ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
54ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
641 B 332ms
332ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2995061506457057&correlator=267607616999880&eid=31068929&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=21726375739%3A1011701%2CVM_62bed880e65ec72a4c1f9a7d&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3133968387&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664127026008&lmt=1664127026&dlt=1664127024580&idt=1404&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=904299330.1664127025&ga_sid=1664127026&ga_hid=1790640339&ga_fc=true

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5647f2836d01d8f7961145d1593f7410bbf6d022859cdab4d38dfe1cad79a02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3e78cdeeaa665a642510f23f2ba9c2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DC4 6 KB
4 KB 208ms
62ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e78cdeeaa665a642510f23f2ba9c2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 17:30:26 GMT
expires: Mon, 25 Sep 2023 17:30:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a4b4ac7ae8dafdb70f970191795511cf7715c4680b58669ce5096a7a01f462e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 10:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13603
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 10:56:43 GMT

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 128ms
99ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 136ms
101ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.majorgeeks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 25 Sep 2022 17:30:26 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
895 B 44ms
16ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2026
x-amz-request-id: txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2: txaf6e2c1c2f9f41df87375-00631b6357
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4Ax6sMcePus4hkNl2%2BfRetNiy8INaki%2Bf1r4dmHRZDGM40UcGM%2FsCwW6p%2FG%2FAVRMv6sQ9FK9g3nPskQlfiK7gpqHem1e8E6PkVMwiI2EoOIiu0rJ%2FIoawOWpLobSmbFSt1Bqj8NFLEukeuQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1662739245697142
cf-ray: 75057cd8f935690a-FRA
expires: Sun, 25 Sep 2022 18:00:26 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
316 B 82ms
36ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.28.0&cb=15143038332

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Sep 2022 17:30:25 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 315ms
88ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.majorgeeks.com
date: Sun, 25 Sep 2022 17:30:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
836 B 47ms
14ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

478ff2aeeec66761d16f6aee364ca63a1d215968329975ab72bca448f06d3e20

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 17:30:26 GMT
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 05d1ef0a-b36c-4dbb-a33d-8d1d5cebf0da
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
500 B 64ms
33ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abaac3cc8adbe56b16ff7f4e78d254438d926acbcfc36ed8f3294cffb58155a9

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 75057cd91a779a09-FRA
pragma: no-cache
date: Sun, 25 Sep 2022 17:30:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Shapings: no adunits with size and seat and mapping

POST
H2 204 pb Show response
ad.360yield.com/ 0
171 B 132ms
35ms XHR
text/plain 52.30.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.36.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-36-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.majorgeeks.com
date: Sun, 25 Sep 2022 17:30:26 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
278 B 68ms
25ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.majorgeeks.com
date: Sun, 25 Sep 2022 17:30:25 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 10
vary: origin, Accept-Encoding

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 65ms
43ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1387083
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx6c64f7eeff3a4281b5b83-00631b6374
x-amz-id-2: tx6c64f7eeff3a4281b5b83-00631b6374
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
server: cloudflare
etag: W/"831813ee9b2fc0d248741417a0e3b488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0RbpCuuLBXEfmAusMFI%2FXOfBkQWC5qy%2FFU6DmHBY5aISb72fg2s40hbIw88NOy22JqRv1ZVuG07MT5CfRK%2BQAQF1XkTIhA14wNCzUDP4AslgXxCEHIFOup0Px%2BJFwIhLH%2F7EwXrJQNd%2FqKL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1662739245061580
cf-ray: 75057cd9381092a1-FRA
access-control-allow-headers: Authorization

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9772.LsCbPn5dzPZBZWbEX_ZPRdPFQFunsgJayIL5XlY02vpX7PKyCUOtvZfDGQkdpl81.NuAuAgiEWB9gQWclzgkKJNzdglM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9772.bGCZ3Y8rhkPEhnm1765m1WP_F_0pcrMyLFfN8SGpaKceJ085-wrm3NLwrSB3N9mZpUbJ7TxtwnAjqUH5_oYv8A%2C%2C.yK2xs69WJ_Fyi-YNREyi-N8tWUw%2C

75 B
75 B

55ms
55ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9772.bGCZ3Y8rhkPEhnm1765m1WP_F_0pcrMyLFfN8SGpaKceJ085-wrm3NLwrSB3N9mZpUbJ7TxtwnAjqUH5_oYv8A%2C%2C.yK2xs69WJ_Fyi-YNREyi-N8tWUw%2C

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9772.bGCZ3Y8rhkPEhnm1765m1WP_F_0pcrMyLFfN8SGpaKceJ085-wrm3NLwrSB3N9mZpUbJ7TxtwnAjqUH5_oYv8A%2C%2C.yK2xs69WJ_Fyi-YNREyi-N8tWUw%2C
date: Sun, 25 Sep 2022 17:30:26 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 52ms
52ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
etag: "632d6d03-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Sep 2022 18:30:26 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/89382074/
Redirect Chain

https://mc.yandex.com/watch/89382074?wmode=7&page-url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%2...
https://mc.yandex.com/watch/89382074/1?wmode=7&page-url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi...

427 B
509 B

60ms
59ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/89382074/1?wmode=7&page-url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1278344613638%3Ahid%3A402205394%3Az%3A0%3Ai%3A20220925173026%3Aet%3A1664127026%3Ac%3A1%3Arn%3A872385706%3Arqn%3A1%3Au%3A1664127026318362862%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A13%2C564%2C126%2C1%2C707%2C0%2C%2C775%2C15%2C%2C%2C%2C2186%3Acpf%3A1%3Ans%3A1664127023165%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664127026%3At%3ADownload%20AutoMouse%201.0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1d5885795533e9c033bf717cd6715a3e80ddcb4adbd252e4dfc96dffcdfc3c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 25-Sep-2022 17:30:26 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 17:30:26 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:26 GMT
last-modified: Sun, 25-Sep-2022 17:30:26 GMT
location: /watch/89382074/1?wmode=7&page-url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1278344613638%3Ahid%3A402205394%3Az%3A0%3Ai%3A20220925173026%3Aet%3A1664127026%3Ac%3A1%3Arn%3A872385706%3Arqn%3A1%3Au%3A1664127026318362862%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A13%2C564%2C126%2C1%2C707%2C0%2C%2C775%2C15%2C%2C%2C%2C2186%3Acpf%3A1%3Ans%3A1664127023165%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664127026%3At%3ADownload%20AutoMouse%201.0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 17:30:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 100ms
63ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c48f54af0d92e3ac965ea379ca042d800a1f9985b92ce2ea637c96d5c1dc4569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11259
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 109ms
50ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 110ms
51ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
257 B 500ms
500ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2995061506457057&correlator=92047517432647&eid=31068929&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A1011701%2CVM_62bed880e65ec72a4c1f9a7d%2CVM_62c2d005cd52877ce61f1e57&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&adks=1057008008&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D62c2d005cd52877ce61f1e57-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3Dee5a3e53-v6.28.0_fo%26pg_ld_id%3D59aa91f44043507f068cfeb41f58125d%26mo%3Dscan%26ac_id%3D62bed8640cf0c4307ad438fd%26si_id%3D62bed880e65ec72a4c1f9a7d%26pl_id%3D62c2d005cd52877ce61f1e57%26co%3DRU%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-09-16%252013%253A19%253A03%26ta_si%3D728x90%26rt_sh%3D0.99%26di_sh%3D0.99%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D527f9a3b1242886a0736f4f3ac3fc4e4%26bf_br%3D23100000%26af_im%3D23100000&eri=1&sc=1&cookie=ID%3D612835174e2d443f-22d5170f2ece00cd%3AT%3D1664127026%3AS%3DALNI_MbZy8DitUMklO5R1KKEul8AFlPX8g&abxe=1&dt=1664127026419&lmt=1664127026&dlt=1664127024580&idt=1404&adxs=436&adys=45&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fget%2Fautomouse%2C1.html&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=904299330.1664127025&ga_sid=1664127026&ga_hid=1790640339&ga_fc=true

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d8e5052dcd88884070ec75221d3dde4f94039d66e4e064c9e2cd7e35319c3a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 17:30:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D61A 13 KB
5 KB 43ms
13ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 16:28:05 GMT
expires: Mon, 25 Sep 2023 16:28:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC5F 783 B
1 KB 187ms
22ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4b7c7e9871f1c33045b27abfbc59ca4fb009ca35aa5913ea7d6db182b8b6ba8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DxKRjVjlk_NqqAsT-6zySg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.majorgeeks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-DxKRjVjlk_NqqAsT-6zySg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 17:30:26 GMT
expires: Sun, 25 Sep 2022 17:30:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame D61A 36 KB
16 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 21:39:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC5F 0
0 66ms
47ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=2995061506457057&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D61A 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?W1jdzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 728x90.jpg
cdn1.vntsm.com/TimeBucks/ Frame 6698 38 KB
39 KB 123ms
19ms Image
image/jpeg 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.vntsm.com/TimeBucks/728x90.jpg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-863 /
Resource Hash: 108a024f2fa80c1841cbf8734e51cbd0ccab87786cab622f4667224dff1abe8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:27 GMT
cdn-edgestorageid: 863
x-amz-request-id: RBQ9SK93QHF3CMV4
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 08/18/2022 19:51:02
cdn-pullzone: 392884
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 39413
x-amz-id-2: MFRSvKCpx9duemARAE01s6ReqnpQbCe7lO3Ph/Hu2FlRx9xWQ91vQeVqapnp2FQyHsQVEBkBgrE=
server: BunnyCDN-DE-863
access-control-allow-origin: *
last-modified: Tue, 19 Apr 2022 12:29:40 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "fb9ea3b9cee3030df2b8bc4e5b9fd5cc"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control: public, max-age=604800
access-control-allow-credentials: true
x-amz-version-id: oJjYCSzIDxu.BQbLuDmX7WJwso7bd00p
cdn-requestid: 389976192df4caedc24a0b802555a19a
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ 16 B
167 B 136ms
34ms XHR
application/json 52.30.118.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.118.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-118-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.majorgeeks.com
date: Sun, 25 Sep 2022 17:30:27 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H2 204 100eng.json
m.addthis.com/live/red_lojson/ 0
127 B 170ms
169ms Ping
text/plain 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/100eng.json?sh=0&ph=1200&ivh=1200&dt=1223&pdt=1417&ict=&pct=0&perf=widget%7C1417%7C668%2Clojson%7C2199%7C163%2Csh%7C2201%7C104&rndr=render_toolbox%7C2376%2Crender_layers_follow%7C2421%2Crender_layers_thankyou%7C2431&cmenu=null&ppd=0&ppl=0&fbe=&xmv=0&xms=0&xmlc=0&jsfw=jquery%2Cgoogleanalytics&jsfwv=jquery-1.7.2%2Cgoogleanalytics-analytics.js&al=men%2Csmlfw%2Csmlty&scr=0&scv=0&apiu=1&ba=3&sid=6330903147a3a8bb&rev=v8.28.8-wp&pub=majorgeeks&dp=www.majorgeeks.com&fp=mg%2Fget%2Fautomouse%2C1.html&pfm=0&icns=facebook%2Ctwitter%2Cinstagram%2Cyoutube
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 25 Sep 2022 17:30:27 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
access-control-allow-credentials: true

GET
H/1.1

200
OK

automouse.exe
autoclose.net/down/
Redirect Chain

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=ndctupckv050fap6pl8cfdnt34
https://autoclose.net/down/automouse.exe

0
0

600ms
113ms

Document
application/x-msdownload

173.199.141.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclose.net/down/automouse.exe
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/get/automouse,1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.199.141.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.pdferaser.net
Software: Apache /
Resource Hash

Request headers

Referer: https://www.majorgeeks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Connection: Keep-Alive
Content-Length: 1172560
Content-Type: application/x-msdownload
Date: Sun, 25 Sep 2022 17:30:28 GMT
Expires: Tue, 25 Oct 2022 17:30:28 GMT
Keep-Alive: timeout=2, max=500
Last-Modified: Sun, 25 Sep 2022 03:22:55 GMT
Server: Apache
Vary: User-Agent

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 17:28:42 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
location: https://autoclose.net/down/automouse.exe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=2995061506457057&bg=!l5SllNDNAAYIxsuQKMY7ACkAdvg8WnVvZKB0q6yav8rkMKUfkgMUrYFzMQv7IEqtkw_aL81sPd6WbgIAAABSUgAAAAdoAQeZAp6nNxIiFOedGqB-e3m_6gdZ3SepU7jSoCWDWQ7mSJfcYGMzQIZssaD18Xsp3q4FHvB9DaE-oVTOKFNSOy-_ePxXuWJtHdUT_gighT0UEnU9bHDG5XvbIX_eKL4g3EGvS-_vTrfS5uPW1eZ6RlHr6kAeBpSxAnyxhuevTyrGKZ1wGkRrh777m7gYcii6yjGOAMjEEklohVAlY9Qfw5pAVmrGuYbNumxCA-GxzSLeZ_IOH4g9PjxFhYH1o4cPmr86h0jPp6-E6NQuU4ZNX9rjnNNyNJk2zpMUw0NN6LZYBOhWyCpT8U0069gNMHVruQ8S8dXtaImbzu5EyO9j5UlyGrtckgsfNe44iWmb3df2xw5Q92wfNMXX6gYY7QXpz4wQ5FC6VGSOC8Q-adj6q0RLpXjM8X9awdF9BlRpn5USrwnRrF1KbZAJz600p4C-VFWRcLtezY8mYdfnj9o2qqmfVrd6svDIUiCTJUDBvTijQ8PYBy6w3d4Bn9a1GiSTUaiKX2YXFmlIRcLhjOj_u12ChbqSJir5Dv-V_GOAd-CPmppNu3apGtZCVxVvOPIacnFJCKtZXAYpdVUpqBjqkkfqV9bJ_u44TCYsEgKpk3ocKbo5c0BDW0o9-ivpDxFPY6gueFmBrGZOaVfyhvh3EjsSOLgGG4fCPaI_JvfCvjISDH7JxLUVD1dgXfX7MoxR9ksUZmOwbAWt8ZRXWheyW6GzceYA-K7Npzdd5TiQbSfdnrI2bzDK3bzeYZdoBXym7bWjiBwuYVFZC7XOtRjoa64dmKG-M0Y3yQuLmPd1maUkzRCFdJDT7E_G5Zb7t8w3EPLlacQ11RJic__bzvdmN4GUtTwAKSLwSeXt2084xwcwAmmwTnMH8-Vut3IQZcBqe9Uw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 50ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.majorgeeks.com%2F&domain=www.majorgeeks.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.majorgeeks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 25 Sep 2022 17:30:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 528451
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
298 B 149ms
115ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Sep 2022 17:30:29 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.majorgeeks.com%2F&domain=www.majorgeeks.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=brF9JHxXenRncTBHZnZHZm9xOG9MbXRYMXhjNmdMSVZieDNBQVgzNFVYbnFRcStod1hHaUk5cFhBdXdPSDhUMU40UjJ6NnByRGFFQ3AvZHBBUEtINXdubFhmbHVwRnV1Q0RIZ2VsZ05EWFBVMk0ydHI3bEMwUUlzYS9wc1...

365 B
647 B

51ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=brF9JHxXenRncTBHZnZHZm9xOG9MbXRYMXhjNmdMSVZieDNBQVgzNFVYbnFRcStod1hHaUk5cFhBdXdPSDhUMU40UjJ6NnByRGFFQ3AvZHBBUEtINXdubFhmbHVwRnV1Q0RIZ2VsZ05EWFBVMk0ydHI3bEMwUUlzYS9wc1p1OWFWNDJyRy9RVmNnbGJybFJkNVlCMUp4U2ZhczZoNU80R096ZDVMOGN6OSs0emFQUm9XVlBxblNwNmZiVnlMZFFhSmlUWVVtYzhQUS9nVldsT2ROcWVqNCtkMFVmN1JYYStJcDh3Wi85dzFGdDlHenNuRlU1MFlqM3JYSVdBbG54NVhtdVJnfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

89991bd046be319fecf2f0c7fa8275d22682bf94c1cae29f54a6760040676227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1164140
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:28 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=brF9JHxXenRncTBHZnZHZm9xOG9MbXRYMXhjNmdMSVZieDNBQVgzNFVYbnFRcStod1hHaUk5cFhBdXdPSDhUMU40UjJ6NnByRGFFQ3AvZHBBUEtINXdubFhmbHVwRnV1Q0RIZ2VsZ05EWFBVMk0ydHI3bEMwUUlzYS9wc1p1OWFWNDJyRy9RVmNnbGJybFJkNVlCMUp4U2ZhczZoNU80R096ZDVMOGN6OSs0emFQUm9XVlBxblNwNmZiVnlMZFFhSmlUWVVtYzhQUS9nVldsT2ROcWVqNCtkMFVmN1JYYStJcDh3Wi85dzFGdDlHenNuRlU1MFlqM3JYSVdBbG54NVhtdVJnfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 694845
content-length: 0
expires: 0

POST
H/1.1 200 258.json Show response
id5-sync.com/g/v2/ 214 B
626 B 56ms
17ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/258.json

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

1cee3685189cbcd0b9a459b08c7c95f2d73ca79d0957f411d01f09ffd85709c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.majorgeeks.com
date: Sun, 25 Sep 2022 17:30:29 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
392 B 127ms
35ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 44d00d2b00c439a22c8b6d6a5707ff0afc8379073c2c34161fd6089d1dd7a8cb

Request headers

Referer: https://www.majorgeeks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Sep 2022 17:30:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Tue, 25 Oct 2022 17:30:29 GMT

GET envelope
api.rlcdn.com/api/identity/ 0
0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 179ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 25 Sep 2022 17:30:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 528102
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 181ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:29 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Sep 2022 17:30:29 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A048 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.majorgeeks.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.majorgeeks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 17:30:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 921858
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 48ms
20ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:30:29 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Sep 2022 17:30:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A048
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=majorgeeks.com&sn=ChromeSyncframe&so=3&topUrl=www.majorgeeks.com&bundle=oRkRBV8zSTNXSk9sdWhZZzdMU3l0R282ZGxVSmNXY3BCTmFWU0JTcjI4Qkt2cnNDTU...
https://mug.criteo.com/sid?cpp=eP9rFHxoY2hqeSt3QjFEL0V5cW1RNktoT3hEQXdrSUY1SzF0NFF1cWR6WXc5TmV5Q3lyUFJXcEEyYmNZTzhINUlIQlhoODg4MG82K05Rb3Bhc2FlNnlYVFllbmhXeGxsSm5JMk8vNlhTZk1YSzRubU04M3NIcVM5V0VvUV...

431 B
653 B

21ms
21ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eP9rFHxoY2hqeSt3QjFEL0V5cW1RNktoT3hEQXdrSUY1SzF0NFF1cWR6WXc5TmV5Q3lyUFJXcEEyYmNZTzhINUlIQlhoODg4MG82K05Rb3Bhc2FlNnlYVFllbmhXeGxsSm5JMk8vNlhTZk1YSzRubU04M3NIcVM5V0VvUVUwWGtOTjUzNWxhNmc1cVBpMmx2VS9laGVZenc5RUFwVU9JVG8rd3dvZWtXM013OC9EZEQwdVZwM3ZRZWpKWVJlNmV3TllqdHpCd1QrZ1d2YVF2dHFsMENhZjYxcXNEMGRmcnR5ZnJzSHR4dk5TOVFDb2xLcndLR1Y4ajdHUXJKUCtsdjI2Y2NiUzNadkVmWTlvNWhpZ21MUnphUldIRllDVEFzK2RQYWJVbkxxaVRFc1p1UT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de3eb9ae16a529e90fcbf47a5fd3bf04bde67c26a49e59c3354ea2506affc7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2327291
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 17:30:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=eP9rFHxoY2hqeSt3QjFEL0V5cW1RNktoT3hEQXdrSUY1SzF0NFF1cWR6WXc5TmV5Q3lyUFJXcEEyYmNZTzhINUlIQlhoODg4MG82K05Rb3Bhc2FlNnlYVFllbmhXeGxsSm5JMk8vNlhTZk1YSzRubU04M3NIcVM5V0VvUVUwWGtOTjUzNWxhNmc1cVBpMmx2VS9laGVZenc5RUFwVU9JVG8rd3dvZWtXM013OC9EZEQwdVZwM3ZRZWpKWVJlNmV3TllqdHpCd1QrZ1d2YVF2dHFsMENhZjYxcXNEMGRmcnR5ZnJzSHR4dk5TOVFDb2xLcndLR1Y4ajdHUXJKUCtsdjI2Y2NiUzNadkVmWTlvNWhpZ21MUnphUldIRllDVEFzK2RQYWJVbkxxaVRFc1p1UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 623672
content-length: 0
expires: 0

GET
H/1.1 200
OK fanclose.png
www.majorgeeks.com/images/ 6 KB
6 KB 105ms
104ms Image
image/png 51.81.2.245
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/fanclose.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.2.245 , United States, ASN16276 (OVH, FR),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.majorgeeks.com/mg/get/automouse,1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 17:28:45 GMT
Last-Modified: Wed, 28 May 2014 03:41:52 GMT
Server: Apache/2.4.10 (Debian)
ETag: "18af-4fa6d97ccc000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6319

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=2173

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.majorgeeks.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ndctupckv050fap6pl8cfdnt34
ra.majorgeeks.com/	1970-01-20 15:01:03	Name: OAID Value: 01000111010001000101000001010010
www.majorgeeks.com/	1970-01-20 06:25:31	Name: popup_user_login Value: yes
www.majorgeeks.com/	1970-01-20 15:44:15	Name: __atuvc Value: 1%7C39
www.majorgeeks.com/	1970-01-20 06:15:28	Name: __atuvs Value: 63309031c57c25ea000
.majorgeeks.com/	1970-01-20 15:51:27	Name: _ga Value: GA1.2.904299330.1664127025
.majorgeeks.com/	1970-01-20 06:16:53	Name: _gid Value: GA1.2.897298424.1664127025
.majorgeeks.com/	1970-01-20 06:15:27	Name: _gat Value: 1
.addthis.com/	1970-01-20 15:44:15	Name: uvc Value: 1%7C39
.addthis.com/	1970-01-20 15:44:15	Name: loc Value: MDAwMDBFVURFSEUyMjkxMTg3OTAwMzAwMDBDSA==
ra.majorgeeks.com/	1969-12-31 23:59:59	Name: _OASCCAP[38] Value: 1
ra.majorgeeks.com/	1970-01-20 06:58:39	Name: _OACBLOCK[38] Value: 1664126921
www.majorgeeks.com/	1970-01-20 06:16:53	Name: _lr_geo_location Value: DE
www.majorgeeks.com/	1970-01-20 06:58:39	Name: _pbjs_userid_consent_data Value: 3524755945110770
.majorgeeks.com/	1970-01-20 15:01:03	Name: _ym_uid Value: 1664127026318362862
.majorgeeks.com/	1970-01-20 15:01:03	Name: _ym_d Value: 1664127026
.prebid.a-mo.net/	1970-01-20 15:01:03	Name: __amc Value: 1_1664127026_1664127026
.mc.yandex.com/	1970-01-20 06:15:27	Name: sync_cookie_csrf Value: 4152937620fake
.majorgeeks.com/	1970-01-20 06:16:39	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 06:15:27	Name: sync_cookie_csrf Value: 1273225116fake
.yandex.com/	1970-01-20 15:01:03	Name: yandexuid Value: 3498097471664127026
.yandex.com/	1970-01-20 15:01:03	Name: yuidss Value: 3498097471664127026
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 599127391664127026
.yandex.com/	1970-01-20 15:51:27	Name: i Value: hI/LjijC1IjvU7DNucM5zrQt2i2bwmjDuSuvhvhMq0V/zpwhlopg80IIP2gd1yFv6J22tF+4E3BqmlgblHLc5SMVPg8=
.yandex.com/	1970-01-20 15:01:03	Name: ymex Value: 1695663026.yrts.1664127026#1695663026.yrtsi.1664127026
.doubleclick.net/	1970-01-20 15:37:03	Name: IDE Value: AHWqTUkTWtF8xrLk8OAbJ3P5ScFX-sPRm9J1MQNh6ragqxGdKMN_xd_0Mz0KcHE6VXI
.majorgeeks.com/	1970-01-20 15:37:03	Name: __gads Value: ID=612835174e2d443f:T=1664127026:S=ALNI_MZTps_6hGFC9419x75LFG2kZab5-A
www.majorgeeks.com/	1970-01-20 06:15:30	Name: _lr_retry_request Value: true
www.majorgeeks.com/	1970-01-20 06:58:39	Name: _lr_env_src_ats Value: false
.majorgeeks.com/	1970-01-20 15:37:03	Name: cto_bidid Value: iNzXP19lZGJYcTV1NDM5NEp6Uk0zSDJ1SFFDWnBrU3BBOGd0U2I2MmFrRVFWcnI2cGMlMkJYaHc3TUh3TWZ1ZFpnY2l1NGVjM3NSMW1UdHZhcXFVWUEyJTJGYUV3d1ElM0QlM0Q
.criteo.com/	1970-01-20 15:37:03	Name: uid Value: dc365a23-87e7-4072-aaad-d9cd37adfaaf
.majorgeeks.com/	1970-01-20 15:37:03	Name: cto_bundle Value: tffYoV8zSTNXSk9sdWhZZzdMU3l0R282ZGxXanI2bnNZNzhFeWJqJTJGa0glMkI5WE5JUE9EdEllV0FnckpxMlVrWGlaaDhKM2ticWhlbFJCTFE3Skdra3hhTkFlSjI2QzVvTHJFRlVMMlBoJTJGTkFrWDNHb2QlMkYwdVlpMEpCb0NYNEdtMkt6M2tOV3R3VGtxVUJCTWFNdU1jd0wxTU1tQSUzRCUzRA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9772.bGCZ3Y8rhkPEhnm1765m1WP_F_0pcrMyLFfN8SGpaKceJ085-wrm3NLwrSB3N9mZpUbJ7TxtwnAjqUH5_oYv8A%2C%2C.yK2xs69WJ_Fyi-YNREyi-N8tWUw%2C Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: https://www.majorgeeks.com/mg/get/automouse,1.html Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.majorgeeks.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=2173 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e78cdeeaa665a642510f23f2ba9c2f1.safeframe.googlesyndication.com
ad-delivery.net
ad.360yield.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.rlcdn.com
ats.rlcdn.com
autoclose.net
bidder.criteo.com
cdn-images.mailchimp.com
cdn1.vntsm.com
cdnjs.buymeacoffee.com
d1oykxszdrgjgl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gum.criteo.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id5-sync.com
lexicon.33across.com
m.addthis.com
m.majorgeeks.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mp.4dex.io
mug.criteo.com
pagead2.googlesyndication.com
prebid.a-mo.net
ra.majorgeeks.com
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.venatusmedia.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.majorgeeks.com
z.moatads.com
api.rlcdn.com
s7.addthis.com
108.138.7.28
13.32.99.35
147.75.85.234
162.19.138.83
173.199.141.156
178.250.0.157
178.250.0.165
184.51.10.56
185.64.189.112
185.89.210.46
23.35.236.122
2400:52e0:1e00::863:1
2400:52e0:1e01::879:1
2600:1901:0:8344::
2600:9000:2250:6200:0:1651:6140:21
2606:4700:10::ac43:2483
2606:4700:20::681a:346
2606:4700:20::681a:a27
2606:4700:20::ac43:4bf1
2606:4700::6812:272
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2004
2a00:1450:400d:804::2002
2a00:1450:400d:806::2001
2a00:1450:400d:807::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200a
2a00:1450:4025:402::9a
2a02:2638:1::3
2a02:2638::1c
2a02:6b8::1:119
3.33.220.150
34.95.69.49
51.81.2.245
51.81.2.247
51.81.2.248
52.30.118.233
52.30.36.120
99.86.237.170
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705
108a024f2fa80c1841cbf8734e51cbd0ccab87786cab622f4667224dff1abe8e
1cee3685189cbcd0b9a459b08c7c95f2d73ca79d0957f411d01f09ffd85709c8
1d5885795533e9c033bf717cd6715a3e80ddcb4adbd252e4dfc96dffcdfc3c2e
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
3a4b4ac7ae8dafdb70f970191795511cf7715c4680b58669ce5096a7a01f462e
3b217421063cbb46bc380452b448c15a337159a9555161b6cbd442653959fdd3
3d8e5052dcd88884070ec75221d3dde4f94039d66e4e064c9e2cd7e35319c3a2
44d00d2b00c439a22c8b6d6a5707ff0afc8379073c2c34161fd6089d1dd7a8cb
4721c96bdcfe5771f382a4b9906ca2db42cbabd58a0c6a40095d657d67fa96af
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
478ff2aeeec66761d16f6aee364ca63a1d215968329975ab72bca448f06d3e20
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52d8b5f25948fa6b70a0914fc21d9d0548815c4b8ab4b4437b9b63967843faea
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5647f2836d01d8f7961145d1593f7410bbf6d022859cdab4d38dfe1cad79a02e
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f325916b2e16d9a1f42e99ff75265236ccaa7153d41e177ef35e5365629ae9
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
671d1256729bae9a790db10a866d9924bf30bd3dc13e462076ea46ec9fbeee3e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12
6ca0514a320b064b339c00168adad97966752dfa5f0006ccf956c9a66167c323
72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cb61e152f74ee884179025816887a6248a0aca3c91ff91388e2298cc9385bfc
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85e9eb4ea03c6db7cd1c52be2e64702e251cd66150c6b8c1a9143a73f250b864
89991bd046be319fecf2f0c7fa8275d22682bf94c1cae29f54a6760040676227
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
925319dda56a4d508f38adbc65bbf790c455e5e374d9a68a6fc1de4f9ae4ea0b
933d3bbb9521bf55d0461e1a875c7397af82d961361227c155617c890905ef76
989624275373769a6b4650df7117d94f78b892cfc48ef0edf77ced932216f162
98de1792287905262a039021a988f2d1f9e00157cb7a64522f6bb871ee53e28b
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9fb65848f96b3ff94f28486228ecdd3caaf4e5400f885429a19d37753d9bb6c0
a0443e5d9337be48637e710b151e8bc52482cfe4a7921b81998959a557c0f6cb
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
abaac3cc8adbe56b16ff7f4e78d254438d926acbcfc36ed8f3294cffb58155a9
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba46dc8a9c0712fe4e00fc81cbc11403a00993b5ce75ae21ab72ace222a39bac
c48f54af0d92e3ac965ea379ca042d800a1f9985b92ce2ea637c96d5c1dc4569
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d3820c39acd92b493c18d9668577e7c53de5f1fd20620e2a0c06396cffc4ed38
de3eb9ae16a529e90fcbf47a5fd3bf04bde67c26a49e59c3354ea2506affc7b7
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b7c7e9871f1c33045b27abfbc59ca4fb009ca35aa5913ea7d6db182b8b6ba8
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff
f223b501bc77cb00c1213bee7352dbdbb808a8fd6fab3542e4401054683032d2
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

www.majorgeeks.com Open in urlscan Pro 51.81.2.245 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

93 %HTTPS

57 %IPv6

34 Domains

47 Subdomains

44 IPs

9 Countries

1383 kBTransfer

3657 kBSize

32 Cookies

9 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.majorgeeks.com Open in urlscan Pro
51.81.2.245 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

93 %
HTTPS

57 %
IPv6

34
Domains

47
Subdomains

44
IPs

9
Countries

1383 kB
Transfer

3657 kB
Size

32
Cookies

91 HTTP transactions
0 data transactions