www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Submission Tags: falconsandbox
Submission: On October 16 via api (October 16th 2020, 7:22:26 pm UTC) from US

Summary HTTP 109 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 36 domains to perform 109 HTTP transactions. The main IP is 23.111.189.3, located in Tampa, United States and belongs to HVC-AS, US. The main domain is www.majorgeeks.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 24th 2020. Valid for: 3 months.

This is the only time www.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	23.111.189.3 23.111.189.3	29802 (HVC-AS) (HVC-AS)
1	2600:9000:21f... 2600:9000:21f3:a400:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	23.111.189.6 23.111.189.6	29802 (HVC-AS) (HVC-AS)
1	99.86.239.170 99.86.239.170	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:20:... 2606:4700:20::681a:b30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
8	95.101.184.141 95.101.184.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:206... 2600:9000:206e:d000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
3	99.86.240.180 99.86.240.180	16509 (AMAZON-02) (AMAZON-02)
1	52.52.67.66 52.52.67.66	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	95.100.197.246 95.100.197.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a06:8640:452::2 2a06:8640:452::2	55081 (24SHELLS) (24SHELLS)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:e800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:2400:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
1	99.86.243.92 99.86.243.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
2	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a0c:5c81:502... 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696	55081 (24SHELLS) (24SHELLS)
1	23.11.239.106 23.11.239.106	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	213.19.147.210 213.19.147.210	3356 (LEVEL3) (LEVEL3)
1	52.210.165.157 52.210.165.157	16509 (AMAZON-02) (AMAZON-02)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	147.75.107.82 147.75.107.82	54825 (PACKET) (PACKET)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	23.111.189.12 23.111.189.12	29802 (HVC-AS) (HVC-AS)
1	52.17.253.7 52.17.253.7	16509 (AMAZON-02) (AMAZON-02)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
1	147.75.107.42 147.75.107.42	54825 (PACKET) (PACKET)
109	49

10 23.111.189.3 (Tampa, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: majorgeeks.com

www.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a400:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.189.6 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: dev.majorgeeks.com

ra.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.239.170 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-239-170.vie50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:b30 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.184.141 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a95-101-184-141.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206e:d000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.240.180 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-180.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.67.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-67-66.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.197.246 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-246.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:8640:452::2 (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:e800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:2400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-92.vie50.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.122.130.38 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)

prebid.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.11.239.106 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-239-106.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

the-eighth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.165.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-165-157.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.107.82 (Ashburn, United States)

ASN54825 (PACKET, US)
PTR: lbadstorm-pk-nj-101

bidder.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

93a3948bc896f4e9e8d2f0812f6c08a4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.189.12 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: files2.majorgeeks.com

files2.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.253.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.107.42 (Ashburn, United States)

ASN54825 (PACKET, US)

sync.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	majorgeeks.com 1 redirects www.majorgeeks.com ra.majorgeeks.com files2.majorgeeks.com	124 KB
12	googlesyndication.com pagead2.googlesyndication.com 93a3948bc896f4e9e8d2f0812f6c08a4.safeframe.googlesyndication.com tpc.googlesyndication.com	151 KB
10	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	128 KB
9	gamedistribution.com img.gamedistribution.com	1 MB
7	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	261 KB
7	addthis.com s7.addthis.com m.addthis.com	192 KB
5	ampproject.org cdn.ampproject.org	108 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	32 KB
3	technoratimedia.com prebid.technoratimedia.com ad-cdn.technoratimedia.com	435 B
3	google.com 1 redirects adservice.google.com www.google.com	1004 B
2	gstatic.com fonts.gstatic.com	22 KB
2	rtk.io bidder.rtk.io sync.rtk.io	778 B
2	adnxs.com ib.adnxs.com	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	adtelligent.com s.adtelligent.com ghb.adtelligent.com	604 B
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	35 KB
2	googletagservices.com www.googletagservices.com	45 KB
2	thisiswaldo.com cdn.thisiswaldo.com thisiswaldo.com	89 KB
1	adsrvr.org match.adsrvr.org	677 B
1	33across.com ssc.33across.com	357 B
1	a-mo.net prebid.a-mo.net	729 B
1	districtm.io dmx.districtm.io	427 B
1	emxdgt.com hb.emxdgt.com	310 B
1	lockerdome.com lockerdome.com	416 B
1	gumgum.com g2.gumgum.com	883 B
1	1rx.io tag.1rx.io	275 B
1	openx.net the-eighth-d.openx.net	574 B
1	casalemedia.com htlb.casalemedia.com	260 B
1	google.de adservice.google.de	890 B
1	quantcount.com rules.quantcount.com	356 B
1	addthisedge.com v1.addthisedge.com	974 B
1	moatads.com z.moatads.com	1 KB
1	facebook.com www.facebook.com
1	ipfind.co ipfind.co	466 B
1	mailchimp.com cdn-images.mailchimp.com	1 KB
109	36

	Domain	Requested by
10	www.majorgeeks.com	1 redirects www.majorgeeks.com
9	img.gamedistribution.com	www.majorgeeks.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.majorgeeks.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	cdn.thisiswaldo.com www.googletagservices.com securepubads.g.doubleclick.net www.majorgeeks.com
5	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
5	s7.addthis.com	www.majorgeeks.com s7.addthis.com
5	pagead2.googlesyndication.com	www.majorgeeks.com pagead2.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.majorgeeks.com
4	ra.majorgeeks.com	www.majorgeeks.com ra.majorgeeks.com
3	c.amazon-adsystem.com	www.majorgeeks.com c.amazon-adsystem.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects www.majorgeeks.com
2	ib.adnxs.com	cdn.thisiswaldo.com
2	prebid.technoratimedia.com	cdn.thisiswaldo.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	m.addthis.com	s7.addthis.com
2	www.google-analytics.com	www.majorgeeks.com www.google-analytics.com
2	www.googletagservices.com	www.majorgeeks.com pagead2.googlesyndication.com
1	sync.rtk.io	cdn.thisiswaldo.com
1	ad-cdn.technoratimedia.com	cdn.thisiswaldo.com
1	match.adsrvr.org	cdn.thisiswaldo.com
1	files2.majorgeeks.com	www.majorgeeks.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	93a3948bc896f4e9e8d2f0812f6c08a4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ssc.33across.com	cdn.thisiswaldo.com
1	prebid.a-mo.net	cdn.thisiswaldo.com
1	dmx.districtm.io	cdn.thisiswaldo.com
1	bidder.rtk.io	cdn.thisiswaldo.com
1	hb.emxdgt.com	cdn.thisiswaldo.com
1	lockerdome.com	cdn.thisiswaldo.com
1	g2.gumgum.com	cdn.thisiswaldo.com
1	tag.1rx.io	cdn.thisiswaldo.com
1	the-eighth-d.openx.net	cdn.thisiswaldo.com
1	htlb.casalemedia.com	cdn.thisiswaldo.com
1	ghb.adtelligent.com	cdn.thisiswaldo.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com	www.majorgeeks.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	v1.addthisedge.com	s7.addthis.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	s.adtelligent.com	cdn.thisiswaldo.com
1	z.moatads.com	s7.addthis.com
1	www.facebook.com	www.majorgeeks.com
1	ipfind.co	cdn.thisiswaldo.com
1	ajax.googleapis.com	www.majorgeeks.com
1	cdn-images.mailchimp.com	www.majorgeeks.com
1	cdn.thisiswaldo.com	www.majorgeeks.com
109	53

This site contains links to these domains. Also see Links.

Domain
www.restoro.com
ra.majorgeeks.com
www.contentteller.com
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.addthis.com

Subject Issuer	Validity	Valid
majorgeeks.com Let's Encrypt Authority X3	`2020-08-24` - `2020-11-22`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2020-06-16` - `2021-06-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
ra.majorgeeks.com Let's Encrypt Authority X3	`2020-09-05` - `2020-12-04`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
gamedistribution.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
ipfind.co Amazon	`2020-03-02` - `2021-04-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
s.adtelligent.com Let's Encrypt Authority X3	`2020-09-10` - `2020-12-09`	3 months	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2020-09-22` - `2021-10-24`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
ghb.adtelligent.com Let's Encrypt Authority X3	`2020-09-09` - `2020-12-08`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2019-09-27` - `2020-11-26`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rtk.io DigiCert SHA2 Secure Server CA	`2020-02-29` - `2022-03-04`	2 years	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.a-mo.net Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
files2.majorgeeks.com Let's Encrypt Authority X3	`2020-07-31` - `2020-10-29`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 13 frames:

Frame: https://files2.majorgeeks.com/c2b98d88e0ff8727654b2332380cf0379b8e4cc4/drives/Drive%20Icon%20Changer.zip
Frame ID: 07E11CE2681501E7EEBA88AED9A47056
Requests: 82 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Frame ID: EE926A5A1A57EE956205D632F8F64730
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Frame ID: 7999AB7D71E3E574573E9746D4573724
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: 0219C0D5550E81EA3B14B7DB42114131
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F51E06D043F85749D383BD56F4EF0B93
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2677123DB48FBA99848F4424E453AE2D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=cnv_sovrn&dcc=t
Frame ID: 229A7A943B105487ED575DCE789EBD00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2837546306&adf=136958058&pi=t.ma~as.6756421832&w=1080&fwrn=4&lmt=1602876110&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=1080x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602876109473&bpp=18&bdt=715&idt=101&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1296900720102&frm=20&pv=2&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&ga_fc=0&iag=0&icsg=559193008352&dssz=36&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067553&oid=3&pvsid=488893007556397&pem=697&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=NDBGNQsZbt&p=https%3A//www.majorgeeks.com&dtd=622
Frame ID: A48929116A0FB661E7AB6891851B46C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1602876110&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602876109473&bpp=5&bdt=715&idt=112&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1080x200&nras=1&correlator=1296900720102&frm=20&pv=1&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&ga_fc=0&iag=0&icsg=559193008352&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067553&oid=3&pvsid=488893007556397&pem=697&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=633
Frame ID: 03A3AA108466B5624871579C8ACD69B9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js
Frame ID: D1BBA73F20754F1725ED2420D3FECF2D
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 207A73DB49614C8A85FDDCAF4C74E6A0
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.0
Frame ID: F33DED335381174DF72715715A72CE9B
Requests: 1 HTTP requests in this frame

Frame: https://sync.rtk.io/cs?us_privacy=1---
Frame ID: 664B1AACAA2E63546B9E7B38329896CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

109
Requests

99 %
HTTPS

44 %
IPv6

36
Domains

53
Subdomains

49
IPs

6
Countries

2623 kB
Transfer

5201 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.restoro.com/includes/route.php?tracking=Majorgeeks&banner=dltxt&lpx=uyrn
Title: Click Here to Repair/Restore Missing Windows OS Files Damaged by Malware

Search URL Search Domain Scan URL

URL: https://ra.majorgeeks.com/www/delivery/ck.php?oaparams=2__bannerid=52__zoneid=4__cb=5f927c9179__oadest=http%3A%2F%2Fwww.restoro.com%2Fincludes%2Froute.php%3Ftracking%3DMajorgeeks%26banner%3DMGLP-SC-uyrn%26lpx%3Duyrn

Search URL Search Domain Scan URL

URL: http://www.contentteller.com/
Title: Contentteller® Business Edition

Search URL Search Domain Scan URL

URL: http://www.facebook.com/majorgeeksdotcom
Title: Follow on FacebookFacebook

Search URL Search Domain Scan URL

URL: https://twitter.com/majorgeeks
Title: Follow on TwitterTwitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UC9-wz8Md_X6V3BCihYW3jig?sub_confirmation=1
Title: Follow on YouTubeYouTube

Search URL Search Domain Scan URL

URL: http://instagram.com/majorgeeksdotcom
Title: Follow on InstagramInstagram

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=cnv_sovrn HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=cnv_sovrn&dcc=t

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 104

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=oe83jt3r8nasm55blud5hhbdb4 HTTP 302
https://files2.majorgeeks.com/c2b98d88e0ff8727654b2332380cf0379b8e4cc4/drives/Drive%20Icon%20Changer.zip

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set drive_icon_changer,1.html Show response
www.majorgeeks.com/mg/getmirror/ 18 KB
7 KB 696ms
274ms Document
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 59fa3e166e474650468621a978ad2b8d3c504b4260c05f6b3395dd5790899dd9

Request headers

Host: www.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:25 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=oe83jt3r8nasm55blud5hhbdb4; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6905
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.js Show response
www.majorgeeks.com/core/javaload/ 95 KB
33 KB 323ms
166ms Script
text/html 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/core/javaload/jquery.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:25 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 33760

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 47 KB
5 KB 156ms
156ms Stylesheet
text/css 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:25 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 4663

GET
H2 200 4107.js Show response
cdn.thisiswaldo.com/static/js/ 300 KB
89 KB 63ms
33ms Script
application/javascript 2600:9000:21f3:a400:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/4107.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:a400:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

2dba6273b41550c66128d8ae8b7e585ffe3335755afa72240fabc0b78fd5cb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 05:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 02:18:55 GMT
server: Apache/2.4.29 (Ubuntu)
age: 50148
etag: "4b07c-5b1c062f9bbf4-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: oC2c_0l_0mDM12chbgRvKJN9fDs4PvOC0D8P1uB-di7vVloZp1Nfzw==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
18 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72f63c65a1e59494b73b9d966c97b3e873f7c9575d2f55611a7cf414858514ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "665 / 776 of 1000 / last-modified: 1602870121"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17648
x-xss-protection: 0
expires: Fri, 16 Oct 2020 19:21:49 GMT

GET
H/1.1 200
OK majorgeeks.gif
www.majorgeeks.com/images/logos/ 16 KB
16 KB 161ms
158ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/logos/majorgeeks.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:26 GMT
Last-Modified: Thu, 30 Dec 2004 13:36:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4081-3ec755e169900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16513

GET
H/1.1 200
OK click_here.gif
www.majorgeeks.com/images/ 1 KB
2 KB 146ms
144ms Image
image/gif 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/click_here.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:26 GMT
Last-Modified: Wed, 08 May 2013 03:02:26 GMT
Server: Apache/2.4.10 (Debian)
ETag: "5c4-4dc2c29df1480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1476

GET
H/1.1 200
OK red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 1 KB
2 KB 308ms
208ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:26 GMT
Last-Modified: Wed, 08 May 2013 03:03:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "57a-4dc2c2dfbefc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1402

GET
H/1.1 200
OK asyncjs.php Show response
ra.majorgeeks.com/www/delivery/ 10 KB
10 KB 638ms
172ms Script
text/javascript 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/asyncjs.php
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:26 GMT
Server: Apache/2.4.10 (Debian)
P3P: CP="CUR ADM OUR NOR STA NID"
ETag: e1ae6e2743255c6dac1aff6e1e0dbfb4
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, max-age=3600
Connection: Keep-Alive
Expire: Fri, 16 Oct 2020 20:24:26 GMT
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 130ms
42ms Stylesheet
text/css 99.86.239.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.239.170 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-239-170.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 15 Oct 2020 23:55:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 69999
ETag: W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 db5fd46eeb9457ed138e2c8651664df5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: tlOwhDe_Ujupc28TEb2arJd6p528kXm7P_29klC9QFxm82QyRlRcKw==

GET
H2 200 3be5ca4bd9e342cfaa121c656f7fca97-512x384.jpeg
img.gamedistribution.com/ 145 KB
146 KB 52ms
25ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/3be5ca4bd9e342cfaa121c656f7fca97-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d489bd73b8d01234f0919ca10bc41121600aed9e016b36e1508c80bb8f2f3d

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=eIN5TA==, md5=YokRycKvEO75yTP5gSQazA==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 663
status: 200
x-guploader-uploadid: ABg5-UzFP-sS-fbCFtkbRzG-Zqfl8fuklfPnUL7rUPpJs_Oo-zocVgGYKYdp5KoekW1BbCX9knrWgG8ZkBzRjJCH_EE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 148610
cf-request-id: 05d47589df0000074a3d95c000000001
expires: Fri, 16 Oct 2020 20:10:46 GMT
last-modified: Mon, 12 Oct 2020 10:50:48 GMT
server: cloudflare
etag: "628911c9c2af10eef9c933f981241acc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1602499848036455
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 148610
accept-ranges: bytes
cf-ray: 5e342522feda074a-FRA
cf-bgj: h2pri

GET
H2 200 8de6306038324879abbc0d19f566817a-512x384.jpeg
img.gamedistribution.com/ 194 KB
195 KB 52ms
25ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/8de6306038324879abbc0d19f566817a-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59613ad08c2987009985d237bea11246bed39ddebfb1641d37b8e783dab9c78a

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=3Luusg==, md5=OQxuEh9sTYAHBU9d1ugZ1A==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 408
x-guploader-uploadid: ABg5-Uxt8_IRe3rDyLxJwaZCdhw45E-eoWPnPjTVUMi6rhhQpHTCZjXS2fsrcTiBkQ779NHa3Fi6f4pBG8z5Rt8OxrCbuRsNQg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 198699
cf-request-id: 05d47589e00000074a66861000000001
expires: Fri, 16 Oct 2020 20:15:01 GMT
last-modified: Thu, 01 Oct 2020 00:14:47 GMT
server: cloudflare
etag: "390c6e121f6c4d8007054f5dd6e819d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1601511287736560
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 198699
accept-ranges: bytes
cf-ray: 5e342522fedd074a-FRA
cf-bgj: h2pri

GET
H2 200 a2b4b57bb3e04f7b90450620fc2598ba-512x384.jpeg
img.gamedistribution.com/ 81 KB
82 KB 45ms
18ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/a2b4b57bb3e04f7b90450620fc2598ba-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74738a295005f942c294878f0b76e4d8a4938c3de0c34a097e337629993f291

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=c/KMTA==, md5=t25X8lIWAasbhdtX/xIacw==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1842
x-guploader-uploadid: ABg5-UzoOHXI2cE6uuKyAvFqadJQhZKWZTH0w_PkoE9-vlB9vl_qd_NejBZi5Z-rpcO8GNeQaSvcAPf3By6wGWV7UaefaG1Glw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 82539
cf-request-id: 05d47589e00000074a4685b000000001
expires: Fri, 16 Oct 2020 19:51:07 GMT
last-modified: Fri, 11 Sep 2020 03:32:23 GMT
server: cloudflare
etag: "b76e57f2521601ab1b85db57ff121a73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599795143992877
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 82539
accept-ranges: bytes
cf-ray: 5e342522fedf074a-FRA
cf-bgj: h2pri

GET
H2 200 fa24c7b1e995478697ffd51b9030943d-512x384.jpeg
img.gamedistribution.com/ 196 KB
197 KB 51ms
24ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/fa24c7b1e995478697ffd51b9030943d-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3cdb10cc23493763d021106f71297d24021b880e91bea50edd5c6e85dc4e66

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=X5uYtg==, md5=EJFcDS5xESGPab2zgyyK+g==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1842
x-guploader-uploadid: ABg5-Uw0GDrCkbR_Ut62ryU7or_4nVBJ7p4IqTccZ4z2oHL7tzFOeqlQ9zCAJzwe5t1pwqVK15OKWCnWZP2cHhENd5DVFhpN_A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 201005
cf-request-id: 05d47589e00000074a86248000000001
expires: Fri, 16 Oct 2020 19:51:07 GMT
last-modified: Tue, 29 Sep 2020 05:32:05 GMT
server: cloudflare
etag: "10915c0d2e7111218f69bdb3832c8afa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1601357525412949
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 201005
accept-ranges: bytes
cf-ray: 5e342522fee3074a-FRA
cf-bgj: h2pri

GET
H2 200 549c32e83dd64abe8d64c3b6bbcb198a-512x512.jpeg
img.gamedistribution.com/ 289 KB
290 KB 15ms
13ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/549c32e83dd64abe8d64c3b6bbcb198a-512x512.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0e795dd7cf0afcc6022601ed99a6f66f2a86c2cb5c905619ac05f5b4bbd25c

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=isxItQ==, md5=mkdYXu4O06h4fCNChYQv1w==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859
x-guploader-uploadid: ABg5-UxOcHcTLRaXAjW3Vh_d15tyCRW_cXWTyj9LZdnuAwRKkXZrzBPD7ZYegH1MROz9HDPV7CmE4esN86wAVNoA_WU
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 295982
cf-request-id: 05d47589ee0000074a590cf000000001
expires: Fri, 16 Oct 2020 19:50:50 GMT
last-modified: Sun, 20 Sep 2020 18:29:59 GMT
server: cloudflare
etag: "9a47585eee0ed3a8787c234285842fd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600626599958191
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 295982
accept-ranges: bytes
cf-ray: 5e3425231f49074a-FRA
cf-bgj: h2pri

GET
H2 200 04bd3caed9dd40d4825f49a815f558cd-512x384.jpeg
img.gamedistribution.com/ 82 KB
83 KB 16ms
14ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/04bd3caed9dd40d4825f49a815f558cd-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094b91ed67b1046da5bf9f1af78a5d1069114fdadb22b5a5bc09323ce69dce74

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=aiCPAw==, md5=f2MXMf3n44HitvmiorHHdg==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 408
x-guploader-uploadid: ABg5-Uw55kZb9g7jShj175RAIzvtB8VkbePA2HV_NU5sQEEhdAS6ZxnyMF1YgjqaWnGIEPuK9-IotqDYP7Qql0MA9lk
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 84304
cf-request-id: 05d47589ee0000074a72b06000000001
expires: Fri, 16 Oct 2020 20:15:01 GMT
last-modified: Mon, 14 Sep 2020 09:27:30 GMT
server: cloudflare
etag: "7f631731fde7e381e2b6f9a2a2b1c776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600075650306063
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 84304
accept-ranges: bytes
cf-ray: 5e3425231f4c074a-FRA
cf-bgj: h2pri

GET
H2 200 030eb2f7b22246b3bbffd69b918e2a11-512x384.jpeg
img.gamedistribution.com/ 63 KB
64 KB 16ms
15ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/030eb2f7b22246b3bbffd69b918e2a11-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c1ae63930fbbfcb7fecc37e7f8ec26edb2cb4d2f3698317b07a925ee7c7b372

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=1ZHBQg==, md5=MIoAq0GssWN0rVouBqXjNA==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1401
x-guploader-uploadid: ABg5-UzkCnMdeAT5ekCg5nyi0kxF1oSrpUXZl3tstiT7zUnVnZVZS66wec-J4C-hyIcpXoLKKL_vbMqpvds90AkdOac
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 64896
cf-request-id: 05d47589ef0000074a79223000000001
expires: Fri, 16 Oct 2020 19:58:28 GMT
last-modified: Fri, 11 Sep 2020 09:26:46 GMT
server: cloudflare
etag: "308a00ab41acb16374ad5a2e06a5e334"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599816406336106
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 64896
accept-ranges: bytes
cf-ray: 5e3425231f4e074a-FRA
cf-bgj: h2pri

GET
H2 200 078dda3284ac419d9dd7786f97cc6483-512x384.jpeg
img.gamedistribution.com/ 213 KB
213 KB 16ms
15ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/078dda3284ac419d9dd7786f97cc6483-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670ef99163d3231945a5bb54fda651c83dcaa28c183df857688fcb7f7f69e6ac

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=NnyXUQ==, md5=rrF4QYbGhO2es70IonH4zw==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1842
x-guploader-uploadid: ABg5-UzQYU0UgvEt2HWNLuob2EZjTgKzvyKPVTIfSom_DTgxvK6oqEaaZ6yFbPqJKx6bWF-mxEW5-Qsa51UNBaxqBw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 217702
cf-request-id: 05d47589ef0000074a0c9e3000000001
expires: Fri, 16 Oct 2020 19:51:07 GMT
last-modified: Mon, 07 Sep 2020 10:01:37 GMT
server: cloudflare
etag: "aeb1784186c684ed9eb3bd08a271f8cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599472897310243
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 217702
accept-ranges: bytes
cf-ray: 5e3425231f4f074a-FRA
cf-bgj: h2pri

GET
H2 200 11ba7b45211e46bcb78be3178b3c6b0a-512x384.jpeg
img.gamedistribution.com/ 126 KB
126 KB 15ms
14ms Image
image/jpeg 2606:4700:20::681a:b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/11ba7b45211e46bcb78be3178b3c6b0a-512x384.jpeg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9afb22e4125cdd212ddd8cf3b66636897efee91a14342e0277019dfaeb24db5

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=O11VWg==, md5=bZQblCfRGVARLD+tC0mZ7w==
date: Fri, 16 Oct 2020 19:21:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3069
x-guploader-uploadid: ABg5-UxU6vL_rA4gmoPQPTnFyWcKiBV_lxy94s_nbFJD3zLj3Z6Mbx8gk8FxzZg_8ShCwSBOsU2DjSqwAT6Nhm7JK5hxVlaQwA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 128953
cf-request-id: 05d47589ef0000074a02b0e000000001
expires: Fri, 16 Oct 2020 19:30:40 GMT
last-modified: Thu, 16 Jul 2020 18:57:39 GMT
server: cloudflare
etag: "6d941b9427d11950112c3fad0b4999ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602876109"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594925859341770
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=43200
x-goog-stored-content-length: 128953
accept-ranges: bytes
cf-ray: 5e3425231f50074a-FRA
cf-bgj: h2pri

GET
H/1.1 200
OK advertisement.js Show response
www.majorgeeks.com/b/ 45 B
341 B 171ms
158ms Script
application/javascript 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/b/advertisement.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:26 GMT
Last-Modified: Sat, 29 Apr 2017 07:29:37 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2d-54e4926fdaee0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 45

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45748
x-xss-protection: 0
server: cafe
etag: 3045074480856053689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Oct 2020 19:21:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 07:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41766
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 07:45:43 GMT

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 3 KB
3 KB 272ms
167ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=tasks
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:26 GMT
Content-Disposition: attachment; filename="index.png"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 2808
Server: Apache/2.4.10 (Debian)
Content-Type: image/png

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 100ms
33ms Script
application/javascript 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a95-101-184-141.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Fri, 16 Oct 2020 19:21:49 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/ 4 KB
2 KB 80ms
36ms Script
application/javascript 2600:9000:206e:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e94871a28e588598a5b5bb0fa62dae728a3503c79b32dec93c3144b1660bcd73

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:00 GMT
content-encoding: br
etag: "9831df77b8ff4179e94a56a83951637f"
last-modified: Fri, 09 Oct 2020 16:42:17 GMT
server: AmazonS3
age: 50
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
status: 200
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: lETQYYalBrz_k3rMcswOaLop5QNIFQCK526BBYXwTMhzo613ATz_Cg==
via: 1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 181ms
79ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

fd3aa6f25f7667d2afdd216f78c5e2d4338577b7789e9bddab47f226dcd8f122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "665 / 464 of 1000 / last-modified: 1602870121"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17675
x-xss-protection: 0
expires: Fri, 16 Oct 2020 19:21:49 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 109 KB
28 KB 148ms
47ms Script
application/javascript 99.86.240.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.180 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-180.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 5876f68bf30a82eb99d9ec29e561f5c925ea347243c3e022021dd87823c65813

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:11:14 GMT
content-encoding: gzip
server: Server
age: 4234
etag: 0ef1f140246b7e0337b522d7332711d3
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Dwk90Lp69kAnTZHIi34ob2MOgWW5-8VwmJDvHFyoVRC_1oOzsvMchw==
via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)

GET
H2 200 me Show response
ipfind.co/ 366 B
466 B 590ms
225ms XHR
application/json 52.52.67.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.67.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-67-66.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f6cb97c950093aa2243e49175928f045733beaf3d6097fa786dddd7c0398f4e6

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 242

GET
H2 200 page.php
www.facebook.com/plugins/ Frame EE92 0
0 104ms
104ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: +xKcxUrv0OKGxHdzsYcaJNjEmME4q9m9+rMk+njJ+LdBSdJNvhGLtyKAX6gDC1YoBC3+YSrRFOYUvYlslC6U3Q==
date: Fri, 16 Oct 2020 19:21:49 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5544
date: Fri, 16 Oct 2020 17:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 16 Oct 2020 19:49:25 GMT

GET
H2 200 pubads_impl_2020101201.js Show response
securepubads.g.doubleclick.net/gpt/ 272 KB
96 KB 126ms
97ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

46b0d2e6fac4273b21cbf281d054dd61dc70cc7d3e7620fd9b9c02b3e52f9579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Oct 2020 08:39:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97729
x-xss-protection: 0
expires: Fri, 16 Oct 2020 19:21:49 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/ 230 KB
87 KB 59ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88670
x-xss-protection: 0
server: cafe
etag: 13373283986949850894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Oct 2020 19:21:49 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/ Frame 7999 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201008/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 16 Oct 2020 03:54:38 GMT
expires: Fri, 30 Oct 2020 03:54:38 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 55631
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1047287365&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&ul=en-us&de=UTF-8&dt=Download%20Drive%20Icon%20Changer%201.00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1186791752&gjid=1318563692&cid=1208604162.1602876109&tid=UA-956038-1&_gid=1420184688.1602876109&_r=1&_slc=1&z=1457938583

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 140ms
31ms Script
application/x-javascript 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 365BE2D90BB70426
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=43989
accept-ranges: bytes
content-length: 948
x-amz-id-2: PxiobigxQoh2WLVoO8KI7nUV5JvaGyAJjjJSP7tr87KJ7Vwt9l4Wd7hFI8bT1jwcjs+nigY0LLc=

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 0219 0
0 277ms
87ms Document
text/html 2a06:8640:452::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=555831
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:452::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

Server: VertaMedia 1.0
Date: Fri, 16 Oct 2020 19:21:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 655
Access-Control-Allow-Origin: https://www.majorgeeks.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

POST
H/1.1 200
OK new-impression Show response
thisiswaldo.com/ 1 B
384 B 389ms
135ms XHR
text/html 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/new-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Fri, 16 Oct 2020 19:21:49 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/majorgeeks/ 3 KB
974 B 176ms
174ms Script
application/javascript 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a95-101-184-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
etag: -316279931--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=27, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 765
x-akamai-path-stats: [1:1755:4294966541]

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
282 B 134ms
131ms Script
application/javascript 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f89f2cd974325f5&bkl=0&bl=1&pdt=702&sid=5f89f2cd974325f5&pub=majorgeeks&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.majorgeeks.com&fp=mg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Changer%2CDrive%2CIcon%2Cchange%2Cdefault%2Cicons%2Cindividual%2Cutility&colc=1602876109487&jsl=1&uvs=5f89f2cd2926bd43000&skipb=1&callback=addthis.cbs.jsonp__97883058288157890
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a95-101-184-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1610ef04732fce40e79ae0cf149814a05f1ce96cfe0e2c888f280557fcd6e91e

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:49 GMT
content-type: application/javascript;charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
x-akamai-path-stats: [3:3973:4294966323]

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F51E 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2677 0
0 67ms
65ms Document
text/html 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a95-101-184-141.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Fri, 16 Oct 2020 19:21:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 82ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
etag: "O/+l6c17R2TQ0JQMJXOiXA=="
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Oct 2020 19:21:49 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 256 KB
70 KB 65ms
64ms Script
text/javascript 2600:9000:206e:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.majorgeeks.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5baf199502427b7900ee42ae258286b4b0d782afe3d469ba39b57a6fc6d02d4

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 23:18:15 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: "4d9f39d1e29dade370463c80c4214e5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-id: 6chn73_u_5uSr9L6l4ttmoqMB6aIiFoL06zapQeSO_uhNtRqZn13hw==
via: 1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)

GET
H2 200 p-fTfJtcPmQDwZG.gif
pixel.quantserve.com/pixel/ 35 B
372 B 82ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-fTfJtcPmQDwZG.gif

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 60ms
60ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-956038-1&cid=1208604162.1602876109&jid=1186791752&gjid=1318563692&_gid=1420184688.1602876109&_u=IEBAAEAAAAAAAC~&z=480593961

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Oct 2020 19:21:49 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 148ms
44ms XHR
application/javascript 99.86.240.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.180 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-180.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 00:23:52 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 68278
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 30 Sep 2020 05:43:29 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ccc2e147947b6e1dcaa206a56faa4bb5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: JZCbayTCkj0bImuZ9yIOJW5_z3eUWIOMKajnmFlHF8iTIEVczrlE6A==

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 3 B
356 B 204ms
138ms Script
application/x-javascript 2600:9000:206e:e800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:e800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:20:01 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 109
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: LoVE-UuT4FqWPw-dVYquT2tPVmd9SHz1YkPRsivfzEgEJkm78bZihg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 111 B
501 B 167ms
167ms XHR
text/javascript 99.86.240.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&pid=XVUcnQElrE7Z6&cb=0&ws=1600x1200&v=7.55.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks300x250FL_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FS_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_2%22%7D%5D&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.180 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-180.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 0db2700cff81ddc495fb1bec3a941cb94e7e612b31c0b0612bffbde1dfb9c8d8

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:49 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: VIE50-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 122
via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
x-amz-cf-id: h6mQHOL0tjxDTZ4Jnw2BZC4cHwHcmwkcJd4z5l5r6mPG9CRA4R5hpA==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 156 KB
38 KB 57ms
20ms XHR
application/json 2600:9000:206e:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e92fdb973a6cbc15672db566bafee758bfefb8aca9e445af6518aca1dd9374f5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 03:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 58879
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 16 Oct 2020 03:00:27 GMT
server: AmazonS3
etag: W/"43bacde42b773c96ed7eefdc28e6a0e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
cache-control: max-age:86400
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 9PofJZ-e6ST52ccYkux4Z-EctL8jjRSY1pDWwSaLC6CT8IpSbbL1Nw==

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 34ms
34ms Script
application/javascript 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a95-101-184-141.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 16 Oct 2020 19:21:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H2 200 143.3d8bb49f121080f7c65c.js Show response
s7.addthis.com/static/ 625 B
644 B 38ms
37ms Script
application/javascript 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a95-101-184-141.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-271"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 16 Oct 2020 19:21:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 404

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ 2 KB
1010 B 38ms
37ms Script
application/javascript 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a95-101-184-141.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-688"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 16 Oct 2020 19:21:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 6 KB
2 KB 26ms
7ms XHR
application/json 2600:9000:2127:2400:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f3c043254ca1f3d4b3c943d35565bab8227869b8a761f412bb9405b71f948bb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 23:59:11 GMT
content-encoding: br
age: 69759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 15 Oct 2020 17:53:19 GMT
server: AmazonS3
etag: W/"c9fd6dacc3995415ef1bc326d97aea76"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 b9288402a0a891e0bbaca832ecabae61.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: C_8w3zHleG6EXLoDabGct2kbGnkJKKA6hIN4WftfkBIbM-6PZx197Q==

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 229A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=cnv_sovrn
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=cnv_sovrn&dcc=t

0
0

213ms
213ms

Document
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=cnv_sovrn&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A0BZNCwUSUPdnDB17cQNUdA|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

Server: Server
Date: Fri, 16 Oct 2020 19:21:50 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 187
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A0BZNCwUSUPdnDB17cQNUdA; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jul-2021 19:21:49 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jan-2026 19:21:50 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Fri, 16 Oct 2020 19:21:49 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=cnv_sovrn&dcc=t
Set-Cookie: ad-id=A0BZNCwUSUPdnDB17cQNUdA|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jul-2021 19:21:49 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 200 KB
27 KB 20ms
19ms XHR
application/json 2600:9000:206e:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca108108993f219b4204a59711dec9c2037beb1437cc51d3a17157f872ce08d8

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 23:59:12 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 69758
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 15 Oct 2020 23:59:09 GMT
server: AmazonS3
etag: W/"66899d617f332d17997a258fcf5903bd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
cache-control: max-age:518400
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: QgrXFVMN-tuIFdHrMVnKPmJnaqIx4vIpl2dcARG9gFKJrbfmTKohUA==

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/16/ 465 KB
123 KB 21ms
21ms Script
text/javascript 2600:9000:206e:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/16/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 394cbc3aa76171b07dd16450b0d957d00de1121b856f1d7c644b7cdcdbe5a02d

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 23:18:17 GMT
content-encoding: br
age: 72213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 604800
access-control-allow-origin: *
last-modified: Thu, 08 Oct 2020 23:17:49 GMT
server: AmazonS3
etag: "c8e5ebf65cd84a5eaf53e134d3a75d2a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: -el1FSWYTM_lX4-mEnb-KscmrRkDk4KeYirNRQBOZIQAV0yUcJQxyg==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
515 B 146ms
49ms XHR
text/html 99.86.243.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.16%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22pOUlyGSbs4btPNFJvvEE3Q%22%2C%22clientTimestamp%22%3A1602876109955%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-xnbz0ixd2yc7rhshmb3i%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/16/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-92.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 00:22:10 GMT
via: 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
vary: Origin
age: 68381
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: xw7QlyOhIT4QKB4xqYr7sg8AisRgE6d2u3HS8GaBrZwBCwyiz7Q4cw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 37ms
16ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 19:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 37ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 19:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A489 0
0 491ms
490ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2837546306&adf=136958058&pi=t.ma~as.6756421832&w=1080&fwrn=4&lmt=1602876110&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=1080x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602876109473&bpp=18&bdt=715&idt=101&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1296900720102&frm=20&pv=2&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&ga_fc=0&iag=0&icsg=559193008352&dssz=36&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067553&oid=3&pvsid=488893007556397&pem=697&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=NDBGNQsZbt&p=https%3A//www.majorgeeks.com&dtd=622

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2837546306&adf=136958058&pi=t.ma~as.6756421832&w=1080&fwrn=4&lmt=1602876110&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=1080x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602876109473&bpp=18&bdt=715&idt=101&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1296900720102&frm=20&pv=2&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&ga_fc=0&iag=0&icsg=559193008352&dssz=36&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067553&oid=3&pvsid=488893007556397&pem=697&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=NDBGNQsZbt&p=https%3A//www.majorgeeks.com&dtd=622
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Oct 2020 19:21:50 GMT
server: cafe
content-length: 21629
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 19:36:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Oct 2020 19:21:50 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602674900477171"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Fri, 16 Oct 2020 19:21:50 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 03A3 0
0 159ms
159ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1602876110&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602876109473&bpp=5&bdt=715&idt=112&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1080x200&nras=1&correlator=1296900720102&frm=20&pv=1&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&ga_fc=0&iag=0&icsg=559193008352&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067553&oid=3&pvsid=488893007556397&pem=697&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=633

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1602876110&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602876109473&bpp=5&bdt=715&idt=112&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1080x200&nras=1&correlator=1296900720102&frm=20&pv=1&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&ga_fc=0&iag=0&icsg=559193008352&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067553&oid=3&pvsid=488893007556397&pem=697&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=633
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Oct 2020 19:21:50 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 19:36:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Oct 2020 19:21:50 GMT
cache-control: private

OPTIONS
H2 204 newor
prebid.technoratimedia.com/openrtb/bids/ Frame 0
0 1378ms
121ms Other 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.technoratimedia.com/openrtb/bids/newor?src=prebid_prebid_3.27.0
Protocol: H2
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
server: nginx
date: Fri, 16 Oct 2020 19:21:52 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 734007136
age: 0
via: 1.1 varnish

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 370 B
604 B 262ms
64ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 87517cd7f7ac09e61a6e9e74f35adf163775185f1cc64c899d94bc856d019c27

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Oct 2020 19:21:50 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.majorgeeks.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 311

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
260 B 133ms
61ms XHR
application/json 23.11.239.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=296677&v=7.2&r=%7B%22id%22%3A%223e3ec6faa5b233%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224c0cf13910042a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22296677%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225e90f599458681%22%2C%22ext%22%3A%7B%22siteID%22%3A%22296678%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%224107%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.239.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-106.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 85faa8b4628f1266f09c6e4623954e172ee4b29020dc28970cccb19e621a64ca

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:51 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.majorgeeks.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
expires: Fri, 16 Oct 2020 19:21:51 GMT

GET
H2 200 arj Show response
the-eighth-d.openx.net/w/1.0/ 190 B
574 B 424ms
117ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=e32039a5-7630-4165-bfe2-f8e5846b5b93&nocache=1602876111479&gdpr=0&us_privacy=1---&pubcid=2fc94417-7e2b-42af-bafe-3558730fe8f2&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&aus=728x90%2C970x90&divIds=waldo-tag-4165&auid=540717872
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.195.1 /
Resource Hash: cf46be37f636106a863cc6a9e52baf2d1562cfaf765f5085fc9bd880f340ecf0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:51 GMT
content-encoding: gzip
server: OXGW/16.195.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 176
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/204851/0/ 0
275 B 161ms
44ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/204851/0/mvo?z=1r&hbv=3.27,2.1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.majorgeeks.com
Pragma: no-cache
Date: Fri, 16 Oct 2020 19:21:51 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 335 B
883 B 354ms
103ms XHR
application/json 52.210.165.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=28367&pi=3&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.165.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-165-157.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 87e0b2a66e93be48722f690db7e85f37d9442be624ec3fa0d14333a9f291d43f

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:51 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 455 newor Show response
prebid.technoratimedia.com/openrtb/bids/ 53 B
435 B 354ms
122ms XHR
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.technoratimedia.com/openrtb/bids/newor?src=prebid_prebid_3.27.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: 869f1aefcd289d14fa401b99a115ae0ca04252c702ca483fbb11c273ef686d44

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Oct 2020 19:21:53 GMT
content-encoding: gzip
server: nginx
age: 0
status: 455
vary: Accept-Encoding
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
x-varnish: 518992750
content-length: 78
via: 1.1 varnish

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
416 B 1645ms
159ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Oct 2020 19:21:53 GMT
Content-Encoding: gzip
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 31

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ 0
310 B 1162ms
52ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1602876111486&src=pbjs
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Oct 2020 19:21:52 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 59ms
59ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

faeb4e84b03bd585b6846653b20ca106a65bb068bf63c61260e40d4f3625b720

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 19:21:51 GMT
X-Proxy-Origin: 82.102.20.211; 82.102.20.211; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.47:80
AN-X-Request-Uuid: 0da76d42-db3c-475d-ae6a-7401b8993242
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 124ms
65ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b54d43a3a381b5f1f48bde11f1404b93ad7c3e6a5f08280ed2871046b1371f7f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 19:21:51 GMT
X-Proxy-Origin: 82.102.20.211; 82.102.20.211; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid: d5f3b44c-0988-4f3f-b123-9a6b09430850
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK aardvark Show response
bidder.rtk.io/IS9K/VPjY_ZUmA/ 270 B
778 B 1545ms
151ms XHR
text/html 147.75.107.82
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.rtk.io/IS9K/VPjY_ZUmA/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&w=1600&h=1200&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&gdpr=false&us_privacy=1---&VPjY=2547495f7257e91&ZUmA=2634bab75a77dbe
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.75.107.82 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS: lbadstorm-pk-nj-101
Software: RTK AdStorm/1.0 /
Resource Hash: e1cabf67d6d1eb9f52a22f1ad342c29d3daba65a8272f5750681d89dd62099c7

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 19:21:52 GMT
Content-Encoding: gzip
Server: RTK AdStorm/1.0
Etag: "5ea115e2d0fee712deddc6fbaff52c4f73e64ac0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Rtk-Nid: adstorm-pk-nj-104:243
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
Content-Length: 155
Expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
427 B 1073ms
25ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Oct 2020 19:21:52 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
cf-ray: 5e3425377a03d895-CPH
access-control-allow-headers: Content-Type, Origin
cf-request-id: 05d47596a70000d8956c067000000001

POST
H2 200 c Show response
prebid.a-mo.net/a/ 613 B
729 B 1344ms
131ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: c3f6c8ace42267220fc366aa64e49e9e03f9c7c7d60c4dbf219ba0e9952d5817

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Oct 2020 19:21:52 GMT
content-encoding: gzip
server: envoy
status: 200
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 28
content-length: 300

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
357 B 1390ms
130ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: eee5475b0e8bca3e4de3d1b2ca2250d54e8ca9abbe002529bba78f67567c2408

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Oct 2020 19:21:52 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 155ms
104ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=488893007556397&correlator=1125012037593362&output=ldjh&impl=fifs&adsid=NT&eid=21065645%2C21068051%2C21067753&vrg=2020101201&gdpr_consent=tcunavailable&gdpr=1&tcfe=2&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=8491498%2Cmajorgeeks_videounit&enc_prev_ius=%2F0%2F1&prev_iu_szs=566x387&eri=1&cust_params=universal_passback%3Dyes&cookie_enabled=1&bc=31&abxe=1&lmt=1602876112&dt=1602876112480&dlt=1602876108757&idt=838&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=2025061566&ucis=1&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&dssz=37&icsg=559193008352&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&fws=2&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

13d0246dd17232987b09562c917610d5b891716ea3f442c4f778a83c2e23ad55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2358
x-xss-protection: 0
google-lineitem-id: 5058670500
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138269533439
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
93a3948bc896f4e9e8d2f0812f6c08a4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 73ms
40ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://93a3948bc896f4e9e8d2f0812f6c08a4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
13ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 540ms
490ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=488893007556397&correlator=1125012037593362&output=ldjh&impl=fifs&adsid=NT&eid=21065645%2C21068051%2C21067753&vrg=2020101201&gdpr_consent=tcunavailable&gdpr=1&tcfe=2&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=124067137%2Cmajorgeeks728x90FL_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=universal_passback%3Dyes&cookie_enabled=1&bc=31&abxe=1&lmt=1602876112&dt=1602876112489&dlt=1602876108757&idt=838&frm=20&biw=1600&bih=1200&oid=3&adxs=468&adys=64&adks=3108622128&ucis=2&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&dssz=37&icsg=559193008352&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1224x90&msz=1224x90&ga_vid=1208604162.1602876109&ga_sid=1602876110&ga_hid=1047287365&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

fd322df671371c08a57c7373177a5b0ea5787e495207c532eecd1a750fc26ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11312
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009282107000/ Frame D1BB 206 KB
57 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40252
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57253
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 08:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0138da5df6f877a3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 08:11:01 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame D1BB 16 KB
6 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40252
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5763
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 08:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0dd94cdacc228659"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 08:11:01 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame D1BB 96 KB
29 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40252
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29503
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 08:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "59cc65a87e598f8b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 08:11:01 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame D1BB 4 KB
2 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40252
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 08:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d5686bc7b82e539c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 08:11:01 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame D1BB 47 KB
14 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40252
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14600
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 08:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a6f012caf7a1c6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 08:11:01 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame D1BB 5 KB
1 KB 36ms
22ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js?21068051

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 18:37:54 GMT
server: ESF
date: Fri, 16 Oct 2020 19:21:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Oct 2020 19:21:53 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9578823326677890281/ Frame D1BB 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9578823326677890281/downsize_200k_v1?w=300&h=300

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c760efa90b81355a3f4a95a244e2334347d6c5ac3d2eb02e2620c8bc2008dc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 03:15:36 GMT
x-content-type-options: nosniff
age: 403577
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1864
x-xss-protection: 0
last-modified: Mon, 19 Nov 2018 20:40:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Oct 2021 03:15:36 GMT

GET
DATA 200
OK truncated
/ Frame D1BB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46f1082e9f0fc39dc519d57eb5f55531a6963f891a29c0d5044904d2e79af322

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1BB 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 29575
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 17 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1BB 295 B
388 B 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 78895
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D1BB 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuL1urwFFcg32I2KlNxZCg6AclZSz-OiBIorvy6qZqdV3TTAq0rH0iiIKLerfbF8TqfDChtujxRZG61QRhaECJHyeP3w
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D1BB 0
0 56ms
55ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtxT-0PKJX4ySJsqJgAeiyrqYAqqk1KxfzPGTsawLw-uU76gOEAEg1bSZe2DRgbmC0AegAcCU7_wDyAEB4AIAqAMBqgT3AU_QG5-LN7GcaNV4dK9Jb0bKv3JCl8pi3CCowhM41ptw75uBp_m1sPoHz7OL67c1KzLiCKWUfnFhk9n5KWnbztPsGAmTvTV2FSuFAynB9bNI_7tkNFnhSXfNLJ7ejJiK4WCZKPUyKm9fWAhOL9V3lgGwcygpkHfnITtBG5qUrReiu9dZdbwLH03F9d765NIRE2-gc33oer9QdXlS8oQOzN2BcQw_oNAsuOB96KpRMH3Ptd2uX9btkH4xG4tOMJfyyAadCvS9kjLAQPcoPuEwCsncr3tjfgjuDMocLE44bLdJhhRstRohJ1kELq2glbuXZoo7CQtYhMTABKud_sT4AeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAeo65ADqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEL3bKdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDUwMTg1MTY2NzMxNDMyNIAKA8gLAbIMFHB1Yi00NjQxNjA4NzExOTc5MDkx2BMMiBQD&sigh=henJ9cgquY0&template_id=5001&tpd=AGWhJmunyo5eBlfApvl-dZ8KUs4Uhs8oO3WDpoZnTHf7kPgyYg
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D1BB 11 KB
11 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.majorgeeks.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 382588
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:25 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D1BB 11 KB
11 KB 18ms
13ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.majorgeeks.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 382590
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:23 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D1BB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 16 Oct 2020 19:21:53 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK asyncspc.php Show response
ra.majorgeeks.com/www/delivery/ 886 B
1 KB 173ms
172ms XHR
application/json 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.majorgeeks.com/www/delivery/asyncspc.php?zones=4&prefix=revive-0-&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html
Requested by: Host: ra.majorgeeks.com
URL: https://ra.majorgeeks.com/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4eabf906fc65b66dd71fcc02ce8adb856131b89f6a45f7231d0ab7c21b07f959

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 19:24:30 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
24ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ce3bf6bc7cb50766f92daf3fe742ce0434bc707ce99cb54b9a26847a1cdc43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 19:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6561
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 19:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Fri, 16 Oct 2020 19:21:53 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 207A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 16 Oct 2020 18:06:52 GMT
expires: Sat, 16 Oct 2021 18:06:52 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4501
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK d4db4f381cea0e53fae0dbbfa4dfba6d.png
ra.majorgeeks.com/www/images/ 36 KB
37 KB 158ms
157ms Image
image/png 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/images/d4db4f381cea0e53fae0dbbfa4dfba6d.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:31 GMT
Last-Modified: Wed, 27 Feb 2019 19:03:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9150-582e4d2c8d220"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 37200

GET
H/1.1 200
OK lg.php
ra.majorgeeks.com/www/delivery/ 43 B
651 B 478ms
179ms Image
image/gif 23.111.189.6
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=52&campaignid=3&zoneid=4&OACBLOCK=86400&OASCCAP=3&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&cb=5f927c9179
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: dev.majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 19:24:31 GMT
Server: Apache/2.4.10 (Debian)
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=97
Expires: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
204 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=488893007556397&bg=!LS6lLg7NAAWqWepuqlicounLAEL9XgIAAABTUgAAAAwKAKx1unvXALmSfWDo3p60PfCXloohvTdZYJ801qHCmT3i1iRTbrlO_BhhVZFoph_YEY7BGGEG9ls_DfRqIuezERcaXTFBnGHAe0EroRlOkp9lTip7YotUIq2a9Iy83k9NzSMLLAQYBz_rBNuEF_VNXz143bf1s4mc3cROg803_plm-3cTohniMiH6zVw4tocQqio38INIBRBHS8BXRIE6nEkPicM-pRc042h4HR3AmQGr8KaL7Bn3m62YYbh25sHNBb1wyUN3ofg5B695YR_loCdgPAPaDBCdeVq9k_ZEQ5tzMKWEWwv19vUeqf7KHZusLXya1P2Vrf43bzZxTNLQhDHj_4c4a9fXn37cpWuJS9CC2wvE9YRTzw_9VU5YY9a5OT3SAGYotC1HZWNrVJ27Oei8qAr02VTYAcYd5T1H95NOwYUR4j6Ybcjega7cJoxstCZz0tez7cZJjKoeTDq80SlEucqX5w7pwOvAfku-TofDzFcRv_59qKZiqN1Lrp-6D5HKq7nXYDc8TPLUo7WWiNpzMhtjbR9OVhVYVXcQrsAEJH7Dbef8ejvpgSab1Xs9_1CjZ6ocKWOh2N9IRAjCIyOxLnkRu7VUQzZLF-l5BreqIhgefFySxYOwig9Ra1xrthQ5SMHzJrFiB4iReIws-LEIi8kigvZxSh8zjpZTf1EixSfSXOAaIv2gLVoN7CwOS8t3V1kWTfLFrVOTujh5knkaAirKRC_fCifsFtrQythHrzgFl1W3FFBW5CGdUW2DnKzutLMK0UICulM1R3hQAMPnkS9bzOxRq_t6lw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D1BB 42 B
70 B 26ms
25ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9dA7LMfdMOZvCHXomfXXFv8yJvw0zu9_rkvCYH0uH4Jn7fQxaha99XX4e1C4lSYJdpnVRKdtr7PJHhVOAaZvOyf52Ax9mkbmHGpkt64Cr_C3B0d2WRpyco77imQ&sai=AMfl-YRQXJaeCwVtcXuIDq9kgjq-t7c0tZywFlxFcAkgvKrk1qNM29OI-Uh-7VPsiDtHWfiAdiPDEl2VDS9wotGIuDH_XhVJWb9PdEGP1miZjXLDtvG6-zCN36VMtN0A&sig=Cg0ArKJSzC-6gkr39_OxEAE&cid=CAASF-RoojhbZIeplg36d-sxFNta5_wnSu45&id=ampim&o=347,64&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=120&tls=1120&g=100&h=100&tt=1121&r=v&avms=ampa&adk=3108622128

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 19:21:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 100eng.json
m.addthis.com/live/red_lojson/ 0
161 B 132ms
132ms Other
text/plain 95.101.184.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/100eng.json?sh=0&ph=2239&ivh=1200&dt=4241&pdt=702&ict=&pct=0&perf=widget%7C702%7C636%2Clojson%7C1431%7C135%2Csh%7C1434%7C73&rndr=render_toolbox%7C1631%2Crender_layers_follow%7C1697%2Crender_layers_thankyou%7C1717&cmenu=null&ppd=0&ppl=0&fbe=&xmv=0&xms=0&xmlc=0&jsfw=jquery%2Cgoogleanalytics&jsfwv=jquery-1.7.2%2Cgoogleanalytics-analytics.js&al=men%2Csmlfw%2Csmlty&scr=0&scv=0&apiu=1&ba=3&sid=5f89f2cd974325f5&rev=v8.28.7-wp&pub=majorgeeks&dp=www.majorgeeks.com&fp=mg%2Fgetmirror%2Fdrive_icon_changer%2C1.html&pfm=0&icns=facebook%2Ctwitter%2Cyoutube%2Cinstagram
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.184.141 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a95-101-184-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
pragma: no-cache
date: Fri, 16 Oct 2020 19:21:54 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
access-control-allow-credentials: true
access-control-allow-origin: *
x-akamai-path-stats: [3:3957:4294965339]

GET
H/1.1

200
OK

Drive%20Icon%20Changer.zip
files2.majorgeeks.com/c2b98d88e0ff8727654b2332380cf0379b8e4cc4/drives/
Redirect Chain

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=oe83jt3r8nasm55blud5hhbdb4
https://files2.majorgeeks.com/c2b98d88e0ff8727654b2332380cf0379b8e4cc4/drives/Drive%20Icon%20Changer.zip

0
0

620ms
151ms

Document
application/zip

23.111.189.12
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://files2.majorgeeks.com/c2b98d88e0ff8727654b2332380cf0379b8e4cc4/drives/Drive%20Icon%20Changer.zip
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 23.111.189.12 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: files2.majorgeeks.com
Software: lighttpd/1.4.35 /
Resource Hash

Request headers

Host: files2.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _ga=GA1.2.1208604162.1602876109; _gid=GA1.2.1420184688.1602876109; _gat=1; __gads=ID=83c715d0c25b3bb1:T=1602876112:S=ALNI_Ma7Co_brMu6eyBm50ZKvA9FHDOMOg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

Content-Type: application/zip
Accept-Ranges: bytes
ETag: "3260945721"
Last-Modified: Fri, 03 Feb 2017 18:20:56 GMT
Content-Length: 4345571
Date: Fri, 16 Oct 2020 19:30:51 GMT
Server: lighttpd/1.4.35

Redirect headers

Date: Fri, 16 Oct 2020 19:24:31 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: https://files2.majorgeeks.com/c2b98d88e0ff8727654b2332380cf0379b8e4cc4/drives/Drive Icon Changer.zip
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
677 B 48ms
48ms XHR
application/json 52.17.253.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=9zrfwmk&fmt=json
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.253.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3e42b9d25f66674cb9b5738b0406a582b47d0d0812ec071cefd86da8eecb9c4b

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Oct 2020 19:21:56 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sun, 15 Nov 2020 19:21:56 GMT

GET
H2 200 usersync.html
ad-cdn.technoratimedia.com/html/ Frame F33D 0
0 107ms
27ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F6B2) /
Resource Hash

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html?src=prebid_prebid_3.27.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tads_uid=GDPR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 409
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Fri, 16 Oct 2020 19:21:56 GMT
etag: "3fc5-5aee1960f1a00"
expires: Fri, 16 Oct 2020 19:36:45 GMT
last-modified: Wed, 09 Sep 2020 13:39:52 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (ska/F6B2)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 12810589 12276382
content-length: 5244

GET
H/1.1 200
OK Cookie set cs
sync.rtk.io/ Frame 664B 0
0 456ms
123ms Document
text/html 147.75.107.42
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.rtk.io/cs?us_privacy=1---
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.75.107.42 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: RTK CookiePixel/v1.2.1 /
Resource Hash

Request headers

Host: sync.rtk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Response headers

Date: Fri, 16 Oct 2020 19:21:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 645
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Server: RTK CookiePixel/v1.2.1
Set-Cookie: rtkuuid=4a83bc3c-ba1e-4695-94ac-8d6cf2dc7aec; Path=/; Domain=rtk.io; Expires=Thu, 14 Jan 2021 19:21:56 GMT; Secure; SameSite=None
X-Rtk-Nid: adstorm-pk-nj-101:8002

GET
H/1.1 200
OK fanclose.png
www.majorgeeks.com/images/ 6 KB
6 KB 147ms
147ms Image
image/png 23.111.189.3
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/fanclose.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 19:24:36 GMT
Last-Modified: Wed, 28 May 2014 03:41:52 GMT
Server: Apache/2.4.10 (Debian)
ETag: "18af-4fa6d97ccc000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6319

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 26) Message: triggered on event listener
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 25) Message: sending ad server request
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://www.majorgeeks.com/mg/getmirror/drive_icon_changer,1.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

93a3948bc896f4e9e8d2f0812f6c08a4.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad-cdn.technoratimedia.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
audit-tcfv2.quantcast.mgr.consensu.org
bidder.rtk.io
c.amazon-adsystem.com
cdn-images.mailchimp.com
cdn.ampproject.org
cdn.thisiswaldo.com
dmx.districtm.io
files2.majorgeeks.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghb.adtelligent.com
googleads.g.doubleclick.net
hb.emxdgt.com
htlb.casalemedia.com
ib.adnxs.com
img.gamedistribution.com
ipfind.co
lockerdome.com
m.addthis.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.a-mo.net
prebid.technoratimedia.com
quantcast.mgr.consensu.org
ra.majorgeeks.com
rules.quantcount.com
s.adtelligent.com
s7.addthis.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
stats.g.doubleclick.net
sync.rtk.io
tag.1rx.io
test.quantcast.mgr.consensu.org
the-eighth-d.openx.net
thisiswaldo.com
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.majorgeeks.com
z.moatads.com
s7.addthis.com
104.154.142.214
104.16.190.66
136.144.59.88
147.75.107.42
147.75.107.82
152.199.22.191
18.196.104.43
193.122.130.38
213.19.147.210
216.58.208.34
23.11.239.106
23.111.189.12
23.111.189.3
23.111.189.6
2600:9000:206e:d000:9:46dc:4700:93a1
2600:9000:206e:e800:6:44e3:f8c0:93a1
2600:9000:2127:2400:3:a4cd:8380:93a1
2600:9000:21f3:a400:4:164e:ca00:93a1
2606:4700:20::681a:b30
2620:116:800d:21:51e4:db4b:4436:b305
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::2001
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:816::2001
2a00:1450:4001:81a::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9c
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:8640:452::2
2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
34.98.64.218
37.252.172.249
52.15.219.226
52.17.253.7
52.210.165.157
52.52.67.66
52.95.124.170
67.202.110.22
95.100.197.246
95.101.184.141
99.86.239.170
99.86.240.180
99.86.243.92
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699
094b91ed67b1046da5bf9f1af78a5d1069114fdadb22b5a5bc09323ce69dce74
095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705
0db2700cff81ddc495fb1bec3a941cb94e7e612b31c0b0612bffbde1dfb9c8d8
10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b
10d489bd73b8d01234f0919ca10bc41121600aed9e016b36e1508c80bb8f2f3d
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
13d0246dd17232987b09562c917610d5b891716ea3f442c4f778a83c2e23ad55
1610ef04732fce40e79ae0cf149814a05f1ce96cfe0e2c888f280557fcd6e91e
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dba6273b41550c66128d8ae8b7e585ffe3335755afa72240fabc0b78fd5cb8e
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2f3c043254ca1f3d4b3c943d35565bab8227869b8a761f412bb9405b71f948bb
33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
394cbc3aa76171b07dd16450b0d957d00de1121b856f1d7c644b7cdcdbe5a02d
3a3cdb10cc23493763d021106f71297d24021b880e91bea50edd5c6e85dc4e66
3e42b9d25f66674cb9b5738b0406a582b47d0d0812ec071cefd86da8eecb9c4b
46b0d2e6fac4273b21cbf281d054dd61dc70cc7d3e7620fd9b9c02b3e52f9579
46f1082e9f0fc39dc519d57eb5f55531a6963f891a29c0d5044904d2e79af322
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4c1ae63930fbbfcb7fecc37e7f8ec26edb2cb4d2f3698317b07a925ee7c7b372
4ccce273069d9e873de3d90039155cbaa4de683421bdd066b48c09de5f88c078
4ce3bf6bc7cb50766f92daf3fe742ce0434bc707ce99cb54b9a26847a1cdc43e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eabf906fc65b66dd71fcc02ce8adb856131b89f6a45f7231d0ab7c21b07f959
5876f68bf30a82eb99d9ec29e561f5c925ea347243c3e022021dd87823c65813
59613ad08c2987009985d237bea11246bed39ddebfb1641d37b8e783dab9c78a
59fa3e166e474650468621a978ad2b8d3c504b4260c05f6b3395dd5790899dd9
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d
670ef99163d3231945a5bb54fda651c83dcaa28c183df857688fcb7f7f69e6ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64
72f63c65a1e59494b73b9d966c97b3e873f7c9575d2f55611a7cf414858514ce
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85faa8b4628f1266f09c6e4623954e172ee4b29020dc28970cccb19e621a64ca
869f1aefcd289d14fa401b99a115ae0ca04252c702ca483fbb11c273ef686d44
87517cd7f7ac09e61a6e9e74f35adf163775185f1cc64c899d94bc856d019c27
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
87e0b2a66e93be48722f690db7e85f37d9442be624ec3fa0d14333a9f291d43f
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5baf199502427b7900ee42ae258286b4b0d782afe3d469ba39b57a6fc6d02d4
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b54d43a3a381b5f1f48bde11f1404b93ad7c3e6a5f08280ed2871046b1371f7f
b9afb22e4125cdd212ddd8cf3b66636897efee91a14342e0277019dfaeb24db5
c3f6c8ace42267220fc366aa64e49e9e03f9c7c7d60c4dbf219ba0e9952d5817
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c760efa90b81355a3f4a95a244e2334347d6c5ac3d2eb02e2620c8bc2008dc89
ca108108993f219b4204a59711dec9c2037beb1437cc51d3a17157f872ce08d8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce0e795dd7cf0afcc6022601ed99a6f66f2a86c2cb5c905619ac05f5b4bbd25c
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf46be37f636106a863cc6a9e52baf2d1562cfaf765f5085fc9bd880f340ecf0
d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
e1cabf67d6d1eb9f52a22f1ad342c29d3daba65a8272f5750681d89dd62099c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8
e74738a295005f942c294878f0b76e4d8a4938c3de0c34a097e337629993f291
e92fdb973a6cbc15672db566bafee758bfefb8aca9e445af6518aca1dd9374f5
e94871a28e588598a5b5bb0fa62dae728a3503c79b32dec93c3144b1660bcd73
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
eee5475b0e8bca3e4de3d1b2ca2250d54e8ca9abbe002529bba78f67567c2408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86
f6cb97c950093aa2243e49175928f045733beaf3d6097fa786dddd7c0398f4e6
faeb4e84b03bd585b6846653b20ca106a65bb068bf63c61260e40d4f3625b720
fd322df671371c08a57c7373177a5b0ea5787e495207c532eecd1a750fc26ec4
fd3aa6f25f7667d2afdd216f78c5e2d4338577b7789e9bddab47f226dcd8f122

www.majorgeeks.com Open in urlscan Pro 23.111.189.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

99 %HTTPS

44 %IPv6

36 Domains

53 Subdomains

49 IPs

6 Countries

2623 kBTransfer

5201 kBSize

0 Cookies

8 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

99 %
HTTPS

44 %
IPv6

36
Domains

53
Subdomains

49
IPs

6
Countries

2623 kB
Transfer

5201 kB
Size

0
Cookies

109 HTTP transactions
1 data transactions