urlscan.io logo urlscan.io
SecurityTrails logo

www.majorgeeks.com Open in urlscan Pro
23.111.189.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Effective URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Submission: On April 19 via api from CL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 6 countries across 31 domains to perform 92 HTTP transactions. The main IP is 23.111.189.3, located in Tampa, United States and belongs to HVC-AS, US. The main domain is www.majorgeeks.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 18th 2020. Valid for: 3 months.
This is the only time www.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 23.111.189.3 29802 (HVC-AS)
2 2600:9000:21f... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 23.111.189.6 29802 (HVC-AS)
1 143.204.90.251 16509 (AMAZON-02)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.213.164.135 16625 (AKAMAI-AS)
6 172.217.21.194 15169 (GOOGLE)
3 143.204.90.242 16509 (AMAZON-02)
1 52.9.131.65 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.213.165.236 16625 (AKAMAI-AS)
2 37.252.173.38 29990 (ASN-APPNEX)
1 67.202.110.22 32748 (STEADFAST)
1 18.196.104.43 16509 (AMAZON-02)
1 213.19.147.210 26120 (RHYTHMONE)
1 23.213.165.44 16625 (AKAMAI-AS)
1 172.104.21.249 63949 (LINODE-AP...)
1 52.30.142.234 16509 (AMAZON-02)
1 104.154.142.214 15169 (GOOGLE)
1 34.95.120.147 15169 (GOOGLE)
2 52.15.219.226 16509 (AMAZON-02)
1 2 52.94.218.7 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 63.33.80.49 16509 (AMAZON-02)
1 66.175.213.243 63949 (LINODE-AP...)
92 33
9    23.111.189.3 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: majorgeeks.com
www.majorgeeks.com
2    2600:9000:21f3:ea00:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.thisiswaldo.com
4    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
adservice.google.com
4    23.111.189.6 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: dev.majorgeeks.com
ra.majorgeeks.com
1    143.204.90.251 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-251.fra50.r.cloudfront.net
cdn-images.mailchimp.com
9    2606:4700:20::681a:b30 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gamedistribution.com
9    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    23.213.164.135 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-135.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
6    172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net
securepubads.g.doubleclick.net
3    143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net
c.amazon-adsystem.com
1    52.9.131.65 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-131-65.us-west-1.compute.amazonaws.com
ipfind.co
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    23.213.165.236 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-236.deploy.static.akamaitechnologies.com
z.moatads.com
2    37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    67.202.110.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net
ssc.33across.com
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    23.213.165.44 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-44.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
1    172.104.21.249 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1840-249.members.linode.com
bidder.rtk.io
1    52.30.142.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-142-234.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com
the-eighth-d.openx.net
2    52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
thisiswaldo.com
2    52.94.218.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:20eb:7a00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
vendorlist.consensu.org
7    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    63.33.80.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    66.175.213.243 (Miami, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li510-243.members.linode.com
sync.rtk.io
Apex Domain
Subdomains		 Transfer
14 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
191 KB
13 majorgeeks.com
www.majorgeeks.com
ra.majorgeeks.com
117 KB
11 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
112 KB
9 gamedistribution.com
img.gamedistribution.com
1 MB
7 ampproject.org
cdn.ampproject.org
169 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
31 KB
4 thisiswaldo.com
cdn.thisiswaldo.com
thisiswaldo.com
128 KB
3 addthis.com
s7.addthis.com
189 KB
2 rtk.io
bidder.rtk.io
sync.rtk.io
788 B
2 adnxs.com
ib.adnxs.com
1 KB
2 google.com
adservice.google.com
www.google.com
280 B
2 google-analytics.com
www.google-analytics.com
18 KB
2 googletagservices.com
www.googletagservices.com
42 KB
1 adsrvr.org
match.adsrvr.org
545 B
1 consensu.org
vendorlist.consensu.org
18 KB
1 addthisedge.com
v1.addthisedge.com
926 B
1 openx.net
the-eighth-d.openx.net
573 B
1 lockerdome.com
lockerdome.com
416 B
1 gumgum.com
g2.gumgum.com
546 B
1 casalemedia.com
as-sec.casalemedia.com
992 B
1 1rx.io
tag.1rx.io
273 B
1 emxdgt.com
hb.emxdgt.com
310 B
1 33across.com
ssc.33across.com
347 B
1 moatads.com
z.moatads.com
1 KB
1 google.de
adservice.google.de
171 B
1 facebook.com
www.facebook.com
1 ipfind.co
ipfind.co
427 B
1 googleapis.com
ajax.googleapis.com
33 KB
1 mailchimp.com
cdn-images.mailchimp.com
1 KB
0 on.net Failed
majorgeeks.mirror.internode.on.net Failed
0 districtm.io Failed
dmx.districtm.io Failed
92 31
Domain Requested by
9 tpc.googlesyndication.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.majorgeeks.com
cdn.ampproject.org
9 img.gamedistribution.com www.majorgeeks.com
9 www.majorgeeks.com 1 redirects www.majorgeeks.com
7 cdn.ampproject.org securepubads.g.doubleclick.net
6 securepubads.g.doubleclick.net cdn.thisiswaldo.com
www.googletagservices.com
securepubads.g.doubleclick.net
www.majorgeeks.com
5 pagead2.googlesyndication.com www.majorgeeks.com
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.majorgeeks.com
4 ra.majorgeeks.com www.majorgeeks.com
ra.majorgeeks.com
3 c.amazon-adsystem.com www.majorgeeks.com
c.amazon-adsystem.com
3 s7.addthis.com www.majorgeeks.com
s7.addthis.com
2 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 thisiswaldo.com cdn.thisiswaldo.com
thisiswaldo.com
2 ib.adnxs.com cdn.thisiswaldo.com
2 www.google-analytics.com 1 redirects www.majorgeeks.com
2 www.googletagservices.com www.majorgeeks.com
pagead2.googlesyndication.com
2 cdn.thisiswaldo.com www.majorgeeks.com
cdn.thisiswaldo.com
1 sync.rtk.io cdn.thisiswaldo.com
1 match.adsrvr.org cdn.thisiswaldo.com
1 www.google.com 1 redirects
1 vendorlist.consensu.org thisiswaldo.com
1 v1.addthisedge.com s7.addthis.com
1 the-eighth-d.openx.net cdn.thisiswaldo.com
1 lockerdome.com cdn.thisiswaldo.com
1 g2.gumgum.com cdn.thisiswaldo.com
1 bidder.rtk.io cdn.thisiswaldo.com
1 as-sec.casalemedia.com cdn.thisiswaldo.com
1 tag.1rx.io cdn.thisiswaldo.com
1 hb.emxdgt.com cdn.thisiswaldo.com
1 ssc.33across.com cdn.thisiswaldo.com
1 z.moatads.com s7.addthis.com
1 stats.g.doubleclick.net www.majorgeeks.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.facebook.com www.majorgeeks.com
1 ipfind.co cdn.thisiswaldo.com
1 ajax.googleapis.com www.majorgeeks.com
1 cdn-images.mailchimp.com www.majorgeeks.com
0 majorgeeks.mirror.internode.on.net Failed www.majorgeeks.com
0 dmx.districtm.io Failed cdn.thisiswaldo.com
92 39

This site contains no links.

Subject Issuer Validity Valid
majorgeeks.com
Let's Encrypt Authority X3		 2020-04-18 -
2020-07-17		 3 months crt.sh
cdn.thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2019-06-16 -
2020-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
ra.majorgeeks.com
Let's Encrypt Authority X3		 2020-02-27 -
2020-05-27		 3 months crt.sh
cdn-images.mailchimp.com
Amazon		 2019-07-26 -
2020-08-26		 a year crt.sh
gamedistribution.com
CloudFlare Inc ECC CA-2		 2020-01-11 -
2020-10-09		 9 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
ipfind.co
Amazon		 2020-03-02 -
2021-04-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2019-07-17 -
2020-07-17		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.rtk.io
DigiCert SHA2 Secure Server CA		 2020-02-29 -
2022-03-04		 2 years crt.sh
*.gumgum.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2019-09-27 -
2020-11-26		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2018-09-19 -
2020-11-18		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2019-09-18 -
2020-08-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
vendorlist.consensu.org
Amazon		 2020-02-07 -
2021-03-07		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh

This page contains 9 frames:

Frame: http://majorgeeks.mirror.internode.on.net/drives/Victoria528.zip
Frame ID: F74546D89BC43403D285AEC1D2EEC9BB
Requests: 70 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Frame ID: 3B3EAB7498C9D12C9CBF3CFB8496BE54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html
Frame ID: EBDBD3178EB4873F9A3FAFFF1E9EA436
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2227363089&adf=136958058&w=1070&fwrn=4&lmt=1587275918&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1070x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&flash=0&wgl=1&adsid=NT&dt=1587275918106&bpp=52&bdt=631&idt=100&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2185934339455&frm=20&pv=2&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&ga_fc=0&iag=0&icsg=2159192288&dssz=25&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=1583&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44717539%2C182982300&oid=3&pvsid=3784330779528148&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GKHbUNildy&p=https%3A//www.majorgeeks.com&dtd=158
Frame ID: DABAF82958E663FEAE9147C0B1A9F4A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1587275918&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1587275918554&bpp=2&bdt=1080&idt=3&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1070x200&nras=1&correlator=2185934339455&frm=20&pv=1&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&ga_fc=0&iag=0&icsg=10749126880&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44717539%2C182982300&oid=3&pvsid=3784330779528148&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=8
Frame ID: 715FD5D20F1977F96A80F11483E15734
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Frame ID: CDD7119E2ECEAD637C2138BAC7C2420B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 7B8BA69CA861E05445253A4F0F925EEC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/052004041903580/amp4ads-v0.js
Frame ID: EC19E73ADEEE4D16C7B91C1215473DD1
Requests: 16 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: 107692A3FC59BF3F2C4773B27B2FC013
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.majorgeeks.com/mg/getmirror/victoria_for_windows HTTP 301
    https://www.majorgeeks.com/mg/getmirror/victoria_for_windows Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

92
Requests

96 %
HTTPS

36 %
IPv6

31
Domains

39
Subdomains

33
IPs

6
Countries

2331 kB
Transfer

4339 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.majorgeeks.com/mg/getmirror/victoria_for_windows HTTP 301
    https://www.majorgeeks.com/mg/getmirror/victoria_for_windows Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2077985276&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&ul=en-us&de=UTF-8&dt=Download%20Victoria%20for%20Windows%205.28&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1755695513&gjid=150098487&cid=1413463575.1587275918&tid=UA-956038-1&_gid=1367591324.1587275918&_r=1&z=802753133 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1413463575.1587275918&jid=1755695513&_gid=1367591324.1587275918&gjid=150098487&_v=j81&z=802753133
Request Chain 55
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Request Chain 83
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 90
  • https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=3bqpaodm8ovfkpcp5rct6dh4v6 HTTP 302
  • http://majorgeeks.mirror.internode.on.net/drives/Victoria528.zip

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set victoria_for_windows
www.majorgeeks.com/mg/getmirror/
Redirect Chain
  • http://www.majorgeeks.com/mg/getmirror/victoria_for_windows
  • https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
640f95388428283cad390349a534027ed7c2eb24f1135adecc48cb6f74b22f4a

Request headers

Host
www.majorgeeks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:35 GMT
Server
Apache/2.4.10 (Debian)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=3bqpaodm8ovfkpcp5rct6dh4v6; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6918
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 19 Apr 2020 06:00:35 GMT
Server
Apache/2.4.10 (Debian)
Location
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Content-Length
352
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
jquery.js
www.majorgeeks.com/core/javaload/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/core/javaload/jquery.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:36 GMT
Content-Encoding
gzip
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
33760
index.php
www.majorgeeks.com/ 		47 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/index.php?ct=core&action=css&id=2
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:36 GMT
Content-Encoding
gzip
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
4663
4107.js
cdn.thisiswaldo.com/static/js/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/static/js/4107.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:ea00:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7e54ab4541751c4cc3e5682cee9df76ef0c97aa9ee01e3cb351e1093ed68a3a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 15:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53819
x-cache
Hit from cloudfront
status
200
content-length
9501
last-modified
Fri, 17 Apr 2020 18:21:17 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"9d16-5a3809d858631-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
3uE0meN2rrTFSs0EBJx711NASu0_bb_7jFjor5UehIpDROlk3NNWXA==
gpt.js
www.googletagservices.com/tag/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab0dc6c4a4f355cf028114ff40468c515c964cc062789d234a2b7adf85d5ebb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"490 / 589 of 1000 / last-modified: 1587071041"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14316
x-xss-protection
0
expires
Sun, 19 Apr 2020 05:58:38 GMT
majorgeeksCOV.gif
www.majorgeeks.com/images/logos/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/images/logos/majorgeeksCOV.gif
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
64170acf9b45aef07e5ff6350f71edd3168c3b2599a16112a372114e5ce21b54

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:36 GMT
Last-Modified
Tue, 31 Mar 2020 22:10:40 GMT
Server
Apache/2.4.10 (Debian)
ETag
"410b-5a22dd68ba000"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
16651
click_here.gif
www.majorgeeks.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/images/click_here.gif
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:36 GMT
Last-Modified
Wed, 08 May 2013 03:02:26 GMT
Server
Apache/2.4.10 (Debian)
ETag
"5c4-4dc2c29df1480"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1476
red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:36 GMT
Last-Modified
Wed, 08 May 2013 03:03:35 GMT
Server
Apache/2.4.10 (Debian)
ETag
"57a-4dc2c2dfbefc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1402
asyncjs.php
ra.majorgeeks.com/www/delivery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ra.majorgeeks.com/www/delivery/asyncjs.php
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:37 GMT
Server
Apache/2.4.10 (Debian)
P3P
CP="CUR ADM OUR NOR STA NID"
ETag
e1ae6e2743255c6dac1aff6e1e0dbfb4
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
private, max-age=3600
Connection
Keep-Alive
Expire
Sun, 19 Apr 2020 07:00:37 GMT
Keep-Alive
timeout=5, max=100
horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.251 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-251.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 06:06:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Dec 2015 16:21:55 GMT
Server
AmazonS3
Age
85922
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
xmshEcPK3KOA7CbICjGXY-u62m8LB1bDVkLPs9WcPTP2aeRaW2eVdQ==
a3603786d76c441388a2887fedf4f59a-512x384.jpeg
img.gamedistribution.com/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/a3603786d76c441388a2887fedf4f59a-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9da16440115c9d5e005c30e6330ebe14dda0ee5eebd4710eb1b004be89cf076

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
695
x-guploader-uploadid
AEnB2UoowKZKhlWNDWSYfcV124RoB42ZE9DdfQ2J_YhydIJQWU28RsRb5apEXKZ9F18gjwEQzSva1FFEW7TgK3zu9_egkwn6XPKAZzm9oGnbL22ttEkIG88
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
167638
cf-request-id
02329d82bc0000325c4e821200000001
last-modified
Thu, 02 Apr 2020 10:37:51 GMT
server
cloudflare
etag
"15a9a043702eac6a100d63ecb3305dd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=A3kDCQ==, md5=FamgQ3AurGoQDWPsszBd1Q==
x-goog-generation
1585823871811834
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
167638
accept-ranges
bytes
cf-ray
586465179837325c-FRA
expires
Sun, 19 Apr 2020 06:47:03 GMT
4882edc8ad2d43c798713f1028421379-512x384.jpeg
img.gamedistribution.com/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/4882edc8ad2d43c798713f1028421379-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b37c1c3c36a039dcb109470e2bb65cd9d44a45025da3500a743be56bdf5753

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
36
x-guploader-uploadid
AEnB2UqXbt5OjSy-Htc3rIrQHSVFWh9stMbCX9Ks9SpxvAq0Q_i_sNLuDMU8J1GcZVav_NIDabRQgQA3wvSDK7LmZNNW91JnL-nm9KwOzFXe5fgrdxgkjY0
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
43887
cf-request-id
02329d82bc0000325c4e822200000001
last-modified
Wed, 15 Apr 2020 12:16:58 GMT
server
cloudflare
etag
"3c5223352cef829d2379afae57ca0bd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Oj2xNg==, md5=PFIjNSzvgp0jea+uV8oL0g==
x-goog-generation
1586953018551767
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
43887
accept-ranges
bytes
cf-ray
58646517983a325c-FRA
expires
Sun, 19 Apr 2020 06:58:02 GMT
f556553455ee4295a8b7477335a72241-512x340.jpeg
img.gamedistribution.com/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/f556553455ee4295a8b7477335a72241-512x340.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2fa3ad1c0ef6267975e1fbf41aba67bd1d623b8caf16759d115dd6eb64485ac

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
692
x-guploader-uploadid
AEnB2UrJwbbYFC1yZ4uRL9gnyJhgxWWSrJkaAFP6F1s6lI0M3u5vvaPpR4pwiLrEclKNbF2CoajUcD_4S2e4wezH3rCvs4UdIA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
208268
cf-request-id
02329d82bc0000325c4e823200000001
last-modified
Wed, 08 Apr 2020 14:29:32 GMT
server
cloudflare
etag
"b533741bd3ed915100d22835d5f4511d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=T3o0fw==, md5=tTN0G9PtkVEA0ig11fRRHQ==
x-goog-generation
1586356172500975
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
208268
accept-ranges
bytes
cf-ray
58646517983b325c-FRA
expires
Sun, 19 Apr 2020 06:47:06 GMT
6a3acc690b954c26a200d0e12df55450-512x384.jpeg
img.gamedistribution.com/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/6a3acc690b954c26a200d0e12df55450-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4db0a3f1f08bdacc8125ba19137c1f1f839790f59ebf56f38b3354947489782c

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
1138
x-guploader-uploadid
AEnB2UpuQdFTd_8B1okFkHa_ELAM8pspFVLEWPUNcWI4jAD2F79IXRdcCRcr7vZWiQuqxhdYsmL78SptGEfcLq3cfjBhzI31G6dEY-pLlpXpIJ8cht8pbqU
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
119729
cf-request-id
02329d82bd0000325c4e824200000001
last-modified
Thu, 02 Apr 2020 18:52:30 GMT
server
cloudflare
etag
"a862ae61441654ff662fb07d97e2899f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yhfMVQ==, md5=qGKuYUQWVP9mL7B9l+KJnw==
x-goog-generation
1585853550328217
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
119729
accept-ranges
bytes
cf-ray
58646517983c325c-FRA
expires
Sun, 19 Apr 2020 06:39:40 GMT
ab9018821f6e430c8f2e7ac8670749be-512x512.jpeg
img.gamedistribution.com/ 		291 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/ab9018821f6e430c8f2e7ac8670749be-512x512.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152d07eaa72176bec649c625ebd7b2020a774f76f5208dc7e4003bfebe48fb41

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
3476
x-guploader-uploadid
AEnB2UpZWvvZxjlsIOBjUacKVoU58hgcgO1WwN3ePlqKUVnlnIOAzIn_tUzqTNw6Uh9tevR4TLZYFA639xHGJeMRb1z0qJmwf1GzNW_jgkjeYNG6HIor-gk
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
297498
cf-request-id
02329d82bd0000325c4e825200000001
last-modified
Thu, 09 Apr 2020 21:06:07 GMT
server
cloudflare
etag
"9234c23026e7f0a785c329adaeec2003"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=1A87+Q==, md5=kjTCMCbn8KeFwymtruwgAw==
x-goog-generation
1586466367677875
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
297498
accept-ranges
bytes
cf-ray
58646517983e325c-FRA
expires
Sun, 19 Apr 2020 06:00:42 GMT
1074f5a23d40475085f42c664157c444-512x384.jpeg
img.gamedistribution.com/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/1074f5a23d40475085f42c664157c444-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb10bfee54483d7bb89a245d6dd032e73f577863b3564b7cb4fbc1eddb2f75e

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
1138
x-guploader-uploadid
AEnB2UotUITMImtx-WhPh04rb69gy9jxXKqh7pXiVYsYCR7ieDUfkPLaY7kroDoFB7RBvy1d5fqwnOWjw51DG_AnEbracuiLVA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
113362
cf-request-id
02329d82bd0000325c4e826200000001
last-modified
Wed, 08 Apr 2020 22:03:29 GMT
server
cloudflare
etag
"f156954cb0b42339d90c1d21024fac44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=PxFjiA==, md5=8VaVTLC0IznZDB0hAk+sRA==
x-goog-generation
1586383409241540
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
113362
accept-ranges
bytes
cf-ray
58646517983f325c-FRA
expires
Sun, 19 Apr 2020 06:39:40 GMT
3b278051e9b040b198b655fe603947b3-1280x550.jpeg
img.gamedistribution.com/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/3b278051e9b040b198b655fe603947b3-1280x550.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709b42a2634b71f53d6f5cfc4dded064df66bc4bde153a27ebdbc117778446da

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
1138
x-guploader-uploadid
AEnB2UrhzTSvcgGnkSjokAfsJNfM0ZZHmeQBklvsfI7ARFZFV-vw-MhuPMrUkGMHSKdYbNoEcXNSc8vOEZw8yaAh2cXVcdWozw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
129805
cf-request-id
02329d82bd0000325c4e827200000001
last-modified
Thu, 02 Apr 2020 11:13:11 GMT
server
cloudflare
etag
"cc2cd32187177f529cdd7b659607113e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=9EaamQ==, md5=zCzTIYcXf1Kc3XtllgcRPg==
x-goog-generation
1585825991151849
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
129805
accept-ranges
bytes
cf-ray
586465179840325c-FRA
expires
Sun, 19 Apr 2020 06:39:40 GMT
c243d582cdca401db63b1e38e5a6e8ff-512x384.jpeg
img.gamedistribution.com/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/c243d582cdca401db63b1e38e5a6e8ff-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c437800fceda6b124c85c0449bc13f845d3fd4645a631c663c43e66aa391662

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
3475
x-guploader-uploadid
AEnB2UoI6jYAqDvUgm1bDKarz8rxgiVTn60WjMxS_mkKbVNd20r0eYxCdTu7jXYqOb99ZGe1fPqtCWXVExrdwmdthnhsScThjw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
119207
cf-request-id
02329d82bd0000325c4e828200000001
last-modified
Fri, 27 Mar 2020 06:24:46 GMT
server
cloudflare
etag
"157fdf2d39c4a4f2d04c023988b5705d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=+ebPLw==, md5=FX/fLTnEpPLQTAI5iLVwXQ==
x-goog-generation
1585290286921830
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
119207
accept-ranges
bytes
cf-ray
586465179843325c-FRA
expires
Sun, 19 Apr 2020 06:00:43 GMT
97e6e658decf4bd4ab104adb8f699793-512x384.jpeg
img.gamedistribution.com/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/97e6e658decf4bd4ab104adb8f699793-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7494669929e946ff8f5ace56d2ce12fe53b037bdf1e60ce4d10208e973d6bcd

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
cf-cache-status
HIT
age
1667
x-guploader-uploadid
AEnB2UoUEn1UeS3OzD3_bAA0_-GaUaB1G0OCkeOVjttlIEci-JscafBqs-KkMIbL8vMSgTr52Ck7O98zuNvbW3k4h8kSb-jkGN8XorWpa0_nxvPVpCBiWW4
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
99003
cf-request-id
02329d82c30000325c4e829200000001
last-modified
Mon, 30 Mar 2020 14:51:54 GMT
server
cloudflare
etag
"ea02545122995b8ef8eda9f23b4c0fb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=FlStEA==, md5=6gJUUSKZW4747anyO0wPtg==
x-goog-generation
1585579914316733
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
99003
accept-ranges
bytes
cf-ray
58646517984a325c-FRA
expires
Sun, 19 Apr 2020 06:30:51 GMT
advertisement.js
www.majorgeeks.com/b/ 		45 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/b/advertisement.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:36 GMT
Last-Modified
Sat, 29 Apr 2017 07:29:37 GMT
Server
Apache/2.4.10 (Debian)
ETag
"2d-54e4926fdaee0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
45
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		108 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13aa6363edf0d9dcb32899a36525bf360642341f96693e5f62e90ea868888ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39452
x-xss-protection
0
server
cafe
etag
2834666070277554483
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Apr 2020 05:58:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 04:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1905417
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 04:41:40 GMT
index.php
www.majorgeeks.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/index.php?ct=core&action=tasks
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:36 GMT
Content-Disposition
attachment; filename="index.png"
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
2808
Server
Apache/2.4.10 (Debian)
Content-Type
image/png
addthis_widget.js
s7.addthis.com/js/300/ 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.164.135 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 20:57:37 GMT
server
nginx/1.15.8
etag
"5e2765c1-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Sun, 19 Apr 2020 05:58:38 GMT
x-host
s7.addthis.com
content-length
114924
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
ca7613d4d9a01d3fc4974d2740ad6dbcfe57a05dbd66172426142e1638505217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"490 / 361 of 1000 / last-modified: 1587071041"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14763
x-xss-protection
0
expires
Sun, 19 Apr 2020 05:58:38 GMT
prebid.js
cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/ 		242 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:ea00:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2f14284114421dc56fa35cddc64e53ac17a635c130cbb6ab46c1c9a8d27fdb13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 17:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Apr 2020 17:54:45 GMT
server
Apache/2.4.29 (Ubuntu)
age
43389
etag
"3c920-5a343e5178404-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
NLT_UU-JazJdN76yAD5dtwiGYcjPUt9IaRJq7LJlZ-xpdlgDIA4MhA==
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
apstag.js
c.amazon-adsystem.com/aax2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash
03c1019e4817587ec19f9fd1ad6c1d2291f088b5ad2ff143bc806abb4cc43d15

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:54:03 GMT
content-encoding
gzip
server
Server
age
274
etag
e37bcf6a8e24db139808b3c23df73db2
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
Bf5t8S6M6DVSPiFOIAgDljvybtTpUs8mlYNrAitLwxwyuoGQCqhYwQ==
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
me
ipfind.co/ 		302 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.131.65 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-131-65.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
207744b369cab6836149ead33edcd62606f0adecf93812121d7cb8922c47c644

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.majorgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
204
page.php
www.facebook.com/plugins/ Frame 3B3E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
7reqNdUp6xCv99Uq1KibEccb5tK8vmERg/rRy0Al2mZMYFEwP1JdO7WU5KAcq1K0VhJNfGODVTAQPlq+QA5s1g==
date
Sun, 19 Apr 2020 05:58:38 GMT Sun, 19 Apr 2020 05:58:38 GMT
alt-svc
h3-27=":443"; ma=3600
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1204
date
Sun, 19 Apr 2020 05:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sun, 19 Apr 2020 07:38:34 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.majorgeeks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.majorgeeks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020041602.js
securepubads.g.doubleclick.net/gpt/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Apr 2020 16:34:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62526
x-xss-protection
0
expires
Sun, 19 Apr 2020 05:58:38 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/ 		216 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
83122
x-xss-protection
0
server
cafe
etag
9756899714300984333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Apr 2020 05:58:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/ Frame EBDB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200413/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 14 Apr 2020 02:35:42 GMT
expires
Tue, 28 Apr 2020 02:35:42 GMT
content-type
text/html; charset=UTF-8
etag
1284906565632978074
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4913
x-xss-protection
0
cache-control
public, max-age=1209600
age
444176
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2077985276&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&ul=en-us&de=UTF-8&dt=Download%20Victor...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1413463575.1587275918&jid=1755695513&_gid=1367591324.1587275918&gjid=150098487&_v=j81&z=802753133
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1413463575.1587275918&jid=1755695513&_gid=1367591324.1587275918&gjid=150098487&_v=j81&z=802753133
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Apr 2020 05:58:38 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Apr 2020 05:58:38 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1413463575.1587275918&jid=1755695513&_gid=1367591324.1587275918&gjid=150098487&_v=j81&z=802753133
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DABA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2227363089&adf=136958058&w=1070&fwrn=4&lmt=1587275918&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1070x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&flash=0&wgl=1&adsid=NT&dt=1587275918106&bpp=52&bdt=631&idt=100&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2185934339455&frm=20&pv=2&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&ga_fc=0&iag=0&icsg=2159192288&dssz=25&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=1583&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44717539%2C182982300&oid=3&pvsid=3784330779528148&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GKHbUNildy&p=https%3A//www.majorgeeks.com&dtd=158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2227363089&adf=136958058&w=1070&fwrn=4&lmt=1587275918&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1070x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&flash=0&wgl=1&adsid=NT&dt=1587275918106&bpp=52&bdt=631&idt=100&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2185934339455&frm=20&pv=2&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&ga_fc=0&iag=0&icsg=2159192288&dssz=25&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=1583&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44717539%2C182982300&oid=3&pvsid=3784330779528148&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GKHbUNildy&p=https%3A//www.majorgeeks.com&dtd=158
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Apr 2020 05:58:38 GMT
server
cafe
content-length
25064
x-xss-protection
0
set-cookie
IDE=AHWqTUmmKLn2H5BrHfKG2dum3GTKxEHcOXbvyv65cDAg4bw2Bkx9iwI6hDypSWkh; expires=Fri, 14-May-2021 05:58:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Sun, 19 Apr 2020 05:58:38 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587123250781365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28347
x-xss-protection
0
expires
Sun, 19 Apr 2020 05:58:38 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 01:21:27 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
vary
Origin
age
16632
x-cache
Hit from cloudfront
status
200
content-length
6482
last-modified
Thu, 09 Apr 2020 23:46:54 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
tqTCaSPNCLSUYz3fKl2h7fT34499rmDZVeEWnsL1fvo3swacOV2zSg==
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
6CDA04CEF72D568E
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=19530
accept-ranges
bytes
content-length
948
x-amz-id-2
vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=
bid
c.amazon-adsystem.com/e/dtb/ 		105 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&pid=pLkbjYYnfy8m7&cb=0&ws=1600x1200&v=7.48.03&t=2500&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks300x250FL_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FS_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_2%22%7D%5D&cfgv=0&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash
48d43eddb125e9e39ddb4169b3570f36b7a6ab68aef2701baf160cc08509740e

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
117
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-id
5ppvn4vAbIOlleZ-gASs3e-6dFs6KDr1mgq46iKfiY8fHw5ZN_LYmg==
v1
dmx.districtm.io/b/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Apr 2020 05:58:40 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.201:80
AN-X-Request-Uuid
72801bb0-5190-4a60-a259-47e819e33c62
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		65 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
ae66c86e8dbb3cfce923191182d1192f9b4a7843c37ce6012068987d5a258576

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1587275918511&src=pbjs
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 19 Apr 2020 05:58:39 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
mvo
tag.1rx.io/rmp/204851/0/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/204851/0/mvo?z=1r&hbv=3.5,2.1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.majorgeeks.com
Pragma
no-cache
Date
Sun, 19 Apr 2020 05:58:38 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
cygnus
as-sec.casalemedia.com/ 		25 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=296677&v=7.2&r=%7B%22id%22%3A%22127dd824fff8f2b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22139828efbaa1c62%22%2C%22ext%22%3A%7B%22siteID%22%3A%22296677%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214953c58e199c2f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22296678%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%224107%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1916bf959f39eeeb2bc2e2231f841e76f86c76e1dd718de00451acb0efc8413d

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Apr 2020 05:58:38 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Sun, 19 Apr 2020 05:58:38 GMT
aardvark
bidder.rtk.io/IS9K/VPjY_ZUmA/ 		268 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.rtk.io/IS9K/VPjY_ZUmA/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&w=1600&h=1200&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&VPjY=169eac4f8022fb&ZUmA=17898b0fb94c5e&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.104.21.249 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1840-249.members.linode.com
Software
RTK AdStorm/1.0 /
Resource Hash
04da513c52cfb4caa2994e20297b6e4c73d63dcde44f7e7a17cd2e1fee13183b

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Apr 2020 05:58:39 GMT
Content-Encoding
gzip
Server
RTK AdStorm/1.0
Etag
"8bf9c945b6de79a34bf045242fbcec7ee69b6552"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Rtk-Nid
li1830-220.members.linode.com:111
Access-Control-Allow-Headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
Content-Length
153
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Apr 2020 05:58:40 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid
589d6180-9790-45c3-a04f-4f39556f9c80
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		122 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=28367&pi=3&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.142.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-142-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c30bbbb89b29eea5f0dee12163db3def167097bab9b00d150f334a75d2903fb7

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
lockerdome.com/ladbid/ 		11 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 19 Apr 2020 05:58:39 GMT
Content-Encoding
gzip
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
31
arj
the-eighth-d.openx.net/w/1.0/ 		174 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=78ecd57c-1061-4990-92f6-f1b512ccc71b&nocache=1587275918517&pubcid=9710dea2-c45a-4b72-934a-099da090fd1b&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&aus=728x90%2C970x90&divIds=waldo-tag-4165&auid=540717872&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.183.0 /
Resource Hash
aca43e204e6f2aced4df92ca9212130b0b4a820113dc897f572de6ad84b32804

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
server
OXGW/16.183.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
new-impression
thisiswaldo.com/ 		1 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thisiswaldo.com/new-impression
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 19 Apr 2020 05:58:38 GMT
X-Content-Type-Options
nosniff, nosniff
Server
Apache/2.4.29 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
Expires
Sun, 19 Nov 1978 05:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 715F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1587275918&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1587275918554&bpp=2&bdt=1080&idt=3&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1070x200&nras=1&correlator=2185934339455&frm=20&pv=1&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&ga_fc=0&iag=0&icsg=10749126880&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44717539%2C182982300&oid=3&pvsid=3784330779528148&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1587275918&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1587275918554&bpp=2&bdt=1080&idt=3&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1070x200&nras=1&correlator=2185934339455&frm=20&pv=1&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&ga_fc=0&iag=0&icsg=10749126880&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44717539%2C182982300&oid=3&pvsid=3784330779528148&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Apr 2020 05:58:38 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
IDE=AHWqTUn0V0V2y7daLEBRkk8oPLtjMbKcDuyWqOkLFo555zKmErSI6ldgqtGTQs-X; expires=Fri, 14-May-2021 05:58:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Sun, 19 Apr 2020 05:58:38 GMT
cache-control
private
_ate.track.config_resp
v1.addthisedge.com/live/boost/majorgeeks/ 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.164.135 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11643704c9f40fe7459ad5323df878594de93259b3397adf70a0a99127396037

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:38 GMT
content-encoding
gzip
etag
1927055077--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=45, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
750
cmp.complete.bundle.js
thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/ 		195 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4586e215e2f2314c482eddd7e97c5b30024f876c4c974aee4d180782d76e0949
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 05:58:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 16:44:07 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"30b03-59ef07f33e3c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
41528
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame CDD7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AzJeN5uy4E3Bo5OWCgh-BCg|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Response headers

Server
Server
Date
Sun, 19 Apr 2020 05:58:39 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
182
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=AzJeN5uy4E3Bo5OWCgh-BCg; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 05:58:39 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Jul-2025 05:58:39 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sun, 19 Apr 2020 05:58:38 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Set-Cookie
ad-id=AzJeN5uy4E3Bo5OWCgh-BCg|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 05:58:38 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.164.135 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Sun, 19 Apr 2020 05:58:38 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
143.3d8bb49f121080f7c65c.js
s7.addthis.com/static/ 		625 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.164.135 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 20:57:37 GMT
server
nginx/1.15.8
etag
W/"5e2765c1-271"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Sun, 19 Apr 2020 05:58:39 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
404
pubvendors.json
thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/docs/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a2b6b9f6cbb151ed7eb6610b5beb4e32d151fe66cc595d0284b1184b698e9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Apr 2020 05:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5168
x-xss-protection
0
asyncspc.php
ra.majorgeeks.com/www/delivery/ 		887 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ra.majorgeeks.com/www/delivery/asyncspc.php?zones=4&prefix=revive-0-&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows
Requested by
Host: ra.majorgeeks.com
URL: https://ra.majorgeeks.com/www/delivery/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
0ceac0ff45132751705d5acee90132f537ea957f645cf5509c0862daa4731564

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Apr 2020 06:00:38 GMT
Server
Apache/2.4.10 (Debian)
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=99
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Sun, 19 Apr 2020 05:58:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3784330779528148&correlator=1826024190266932&output=ldjh&impl=fifs&adsid=NT&eid=21065890%2C21065616&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200419&iu_parts=8491498%2Cmajorgeeks_videounit&enc_prev_ius=%2F0%2F1&prev_iu_szs=566x387&eri=1&cust_params=universal_passback%3Dyes&cookie_enabled=1&bc=31&abxe=1&lmt=1587275919&dt=1587275919635&dlt=1587275917474&idt=1136&frm=20&biw=1585&bih=1200&oid=3&adxs=-9&adys=-9&adks=2025061566&ucis=1&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&dssz=33&icsg=687944106882&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&fws=2&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
b4e34bccceeae027ff625751e8ae176079c31177319539c884683c11770c176a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2127
x-xss-protection
0
google-lineitem-id
5058670500
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138269533439
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.majorgeeks.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020041602.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Apr 2020 16:34:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
23935
x-xss-protection
0
expires
Sun, 19 Apr 2020 05:58:39 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3784330779528148&correlator=1826024190266932&output=ldjh&impl=fifs&adsid=NT&eid=21065890%2C21065616&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200419&iu_parts=124067137%2Cmajorgeeks728x90FL_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=universal_passback%3Dyes&cookie_enabled=1&bc=31&abxe=1&lmt=1587275919&dt=1587275919645&dlt=1587275917474&idt=1136&frm=20&biw=1585&bih=1200&oid=3&adxs=461&adys=64&adks=3108622128&ucis=2&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&dssz=34&icsg=141425432462210&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1212x90&msz=1212x90&ga_vid=1413463575.1587275918&ga_sid=1587275918&ga_hid=2077985276&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
4c8af2c7203d76f2e920067d38b16fb2876f6df5bef979ae91d570acd43cd098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 05:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10229
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 7B8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sat, 18 Apr 2020 22:28:38 GMT
expires
Sun, 18 Apr 2021 22:28:38 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27001
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
vendorlist.json
vendorlist.consensu.org/ 		96 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: thisiswaldo.com
URL: https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7a00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04f9206da6b56f38a4e4757ae31e983faad788629925eb0b7630ae1363f5e73f

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 16:13:39 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
222301
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 16 Apr 2020 16:00:55 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
3dIfidhajd6Uz2fa6kKbmXcjfH20Tpr2
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C1
content-type
application/json; charset=utf-8
x-amz-cf-id
m6iRXL9YzduNsWUYCm3mISvWTjIaoV9a_pf4AQS6L-Y9fA0qDZvRkA==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200413&jk=3784330779528148&bg=!FhWlFQ1YxY1wllC3vcgCAAAAPVIAAAAOmQFeqU_egcSqa2j7mL4GCOI3dbkKiRxPFTrx1kMe3e4gM5gOxrdf2mwCLtrZ0XbHGhVsVU3IdhMbm-hEPUYbzKXEZ312KD6DpYngKoOqsASYa2GTSrvzLxxyTzPctald861N5Bmxb8KQ1g09-qqa2I1OdVb-UPlF0h_RYDL38DC-Q-csWIvM63r0ywo3cOeafiVeOdbczh04J3Sh1CkPAfSz7BBXvrHQijAeeT8Ogzpgsw1ND8lCmjjTw43oKvKNesYIUH52VoXXXakcFov6lvWg235Qrg_iPRbugU5hP4G_sMR5mNvXNnhtZuNZqa-ftzg1wGi5J7W1dF_QJcA80J1bhKAb1U0SYjKNdtquQyL0xEDfFberBWu4wY8TEM8SrbQQBkJB0uPVAMbuEmZ25481ODQAHq2P_iiToZ9EhwPBiYTFfv8T6pVcV9UWXn-AVG5TD1QoVc7XiLI6Kbur_w8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Apr 2020 05:58:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d4db4f381cea0e53fae0dbbfa4dfba6d.png
ra.majorgeeks.com/www/images/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ra.majorgeeks.com/www/images/d4db4f381cea0e53fae0dbbfa4dfba6d.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 06:00:38 GMT
Last-Modified
Wed, 27 Feb 2019 19:03:04 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9150-582e4d2c8d220"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
37200
lg.php
ra.majorgeeks.com/www/delivery/ 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=52&campaignid=3&zoneid=4&OACBLOCK=86400&OASCCAP=3&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fvictoria_for_windows&cb=c999eeb396
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Apr 2020 06:00:38 GMT
Server
Apache/2.4.10 (Debian)
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=5, max=97
Expires
0
amp4ads-v0.js
cdn.ampproject.org/rtv/052004041903580/ Frame EC19 		201 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052004041903580/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d6995f2d7b8cda88208d5f5e0c4f35eaf68490072fad88fd95829df59d5ab7b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/
Origin
https://www.majorgeeks.com

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204533
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
56027
x-xss-protection
0
server
sffe
date
Thu, 16 Apr 2020 21:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12137fc9e8dfd1ad"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 21:09:47 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/052004041903580/ Frame EC19 		201 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052004041903580/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d6995f2d7b8cda88208d5f5e0c4f35eaf68490072fad88fd95829df59d5ab7b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204533
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
56027
x-xss-protection
0
server
sffe
date
Thu, 16 Apr 2020 21:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12137fc9e8dfd1ad"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 21:09:47 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/052004041903580/v0/ Frame EC19 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052004041903580/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7d68ee5ac7a4540c2955e17dcd0cab1dd515b3c676359483458a5cfab6f7319
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204533
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5892
x-xss-protection
0
server
sffe
date
Thu, 16 Apr 2020 21:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a2d85256047afcc"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 21:09:47 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/052004041903580/v0/ Frame EC19 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052004041903580/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0da8a3e31c63f348a371cbb1227107bd94009f1cf9e048fa277f63f560750392
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204533
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28592
x-xss-protection
0
server
sffe
date
Thu, 16 Apr 2020 21:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeb1843f4503504d"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 21:09:47 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/052004041903580/v0/ Frame EC19 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052004041903580/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96e676e64f0e579d6fb9fc306943a8de47bce9371b7205572ff6c7d199b30c8b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204533
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1636
x-xss-protection
0
server
sffe
date
Thu, 16 Apr 2020 21:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"23d700dcb248f67c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 21:09:47 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/052004041903580/v0/ Frame EC19 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052004041903580/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4e916adba91667506b5ef2abe8560797f714959dc0a1a0e001249b2c81c1929
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204533
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14939
x-xss-protection
0
server
sffe
date
Thu, 16 Apr 2020 21:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ba97007a65e34fc"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 21:09:47 GMT
truncated
/ Frame EC19 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21665e45c5165aae950d985d134e9825f5ec855de2371779c5072f2803db5f44

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/052004041903580/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052004041903580/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e570a3237ca583026a4c3701a39f3ec7365825e23a54392f49ecc2363354acb3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204533
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7312
x-xss-protection
0
server
sffe
date
Thu, 16 Apr 2020 21:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bb639aef12cfcfc1"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 21:09:47 GMT
14323378869263932487
tpc.googlesyndication.com/daca_images/simgad/ Frame EC19 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14323378869263932487
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e91ba4497c090eee8d86e3899d1f2fea1f763eff0e8bbff52685d4f4dc9a8ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 23:08:24 GMT
x-content-type-options
nosniff
age
370216
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27767
x-xss-protection
0
last-modified
Tue, 20 Aug 2019 20:35:26 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 23:08:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC19 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Apr 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
67782
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 19 Apr 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC19 		295 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Apr 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
27263
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 19 Apr 2020 22:24:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EC19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHzu0j-ibXozYKtnD7_UPhLuwmAXZzIuoV8aXx4WDCr_hHhABILOT4mtg6eTJhdgaoAGh25HWA8gBAuACAKgDAcgDCKoEgAJP0NNwrVAW99Pg5SkI_UJmoXaPc2gcoW0KdcHO_IkBH0wfrQgPJShvNs62ZenLoab6eLHKuI2bDkiDYe2nJ9wc-XZuTmV3Ea7ttQHSTVShZu5yq59I49G4U-v2kyeZlFltAOk5eI9njaSvZLdphpc64tAFFeZeJL2ONn8N7Iz2WchqncQjxW-t2_Od3m8Vug-dqRmTDe7azDny7rrgeTYUUhdd7NGJezVk3mogxosibPfa4YTHkuwBgzdneIq10w3MxEmhEEIZ93-uscS2AuLvbYVf5WUu_A2Pp1l0ePXo17bSf61EoSiI-m2X0ZGLuJ6KJbjnLiyDvCBOW0aBcsStwASdoIPnkALgBAGSBQQIBBgBkgUECAUYBKAGAoAHx6TuKagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCw7gbSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTIyMjc4NjQ0NTczMDg3MDeACgPICwHYEww&sigh=GDfGWsER7hI&tpd=AGWhJmullHK_3Ojoh0Yz3mhsLcUocdmz-OoFNYvKPWD1q7hxNQ
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame EC19
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Sun, 19 Apr 2020 05:58:40 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
246
x-xss-protection
0
14323378869263932487
tpc.googlesyndication.com/daca_images/simgad/ Frame EC19 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14323378869263932487
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/052004041903580/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e91ba4497c090eee8d86e3899d1f2fea1f763eff0e8bbff52685d4f4dc9a8ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 23:08:24 GMT
x-content-type-options
nosniff
age
370216
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27767
x-xss-protection
0
last-modified
Tue, 20 Aug 2019 20:35:26 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 23:08:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC19 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/052004041903580/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Apr 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
67782
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 19 Apr 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC19 		295 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/052004041903580/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Apr 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
27263
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 19 Apr 2020 22:24:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC19 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHJF33mDv_ghgtm_4eTwjem_mlP9pPGJFvxqEKP0aZvquSvlCSbWI6LW2jti22u8GWUapQCWpdqkMBTOYMwOR93VJhBNoJAlxzspjaYZ1mW5IJrmQqDBiTOXYPZQ&sai=AMfl-YQ25tjPk2_-ELcrEC15araEFo41EvINLfSVmAgBeRd_Zdq0NT-Abs_Ls4K-q2cTyMUks2jnDY2d0RFQL3a9UDa4g75kL8GJfZxCbU1xZThaT3cUtcII6rRjVEQ&sig=Cg0ArKJSzIaI_g0hrpFlEAE&cid=CAASF-RoI3UL9SLz9AlZvkwOT1TyRY6U6uWh&id=ampim&o=340,64&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=144&tls=1144&g=100&h=100&tt=1144&r=v&avms=ampa&adk=3108622128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Apr 2020 05:58:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=9zrfwmk&fmt=json
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2ed275d183cd93cfd36201b2d99912622a33efd1f371483ec1a786fd7f208bda

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Apr 2020 05:58:42 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 19 May 2020 05:58:42 GMT
Cookie set cs
sync.rtk.io/ Frame 1076 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.rtk.io/cs
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.175.213.243 Miami, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li510-243.members.linode.com
Software
RTK CookiePixel/v1.2.0 /
Resource Hash

Request headers

Host
sync.rtk.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Response headers

Date
Sun, 19 Apr 2020 05:58:43 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
Server
RTK CookiePixel/v1.2.0
Set-Cookie
rtkuuid=75f91f8b-638f-459c-8249-ac1a0aa84fd6; Path=/; Domain=rtk.io; Expires=Sat, 18 Jul 2020 05:58:43 GMT; Secure; SameSite=None
X-Rtk-Nid
li1035-202.members.linode.com:8002
Content-Encoding
gzip
Victoria528.zip
majorgeeks.mirror.internode.on.net/drives/
Redirect Chain
  • https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=3bqpaodm8ovfkpcp5rct6dh4v6
  • http://majorgeeks.mirror.internode.on.net/drives/Victoria528.zip
0
0
fanclose.png
www.majorgeeks.com/images/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
thisiswaldo.com
URL
https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/docs/pubvendors.json
Domain
majorgeeks.mirror.internode.on.net
URL
http://majorgeeks.mirror.internode.on.net/drives/Victoria528.zip
Domain
www.majorgeeks.com
URL
https://www.majorgeeks.com/images/fanclose.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 2)
Message:
triggered on event listener
console-api log URL: https://cdn.thisiswaldo.com/static/js/4107.js(Line 1)
Message:
sending ad server request
console-api info URL: https://cdn.ampproject.org/rtv/052004041903580/amp4ads-v0.js(Line 406)
Message:
Powered by AMP ⚡ HTML – Version 2004041903580 https://www.majorgeeks.com/mg/getmirror/victoria_for_windows

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
as-sec.casalemedia.com
bidder.rtk.io
c.amazon-adsystem.com
cdn-images.mailchimp.com
cdn.ampproject.org
cdn.thisiswaldo.com
dmx.districtm.io
g2.gumgum.com
googleads.g.doubleclick.net
hb.emxdgt.com
ib.adnxs.com
img.gamedistribution.com
ipfind.co
lockerdome.com
majorgeeks.mirror.internode.on.net
match.adsrvr.org
pagead2.googlesyndication.com
ra.majorgeeks.com
s7.addthis.com
securepubads.g.doubleclick.net
ssc.33across.com
stats.g.doubleclick.net
sync.rtk.io
tag.1rx.io
the-eighth-d.openx.net
thisiswaldo.com
tpc.googlesyndication.com
v1.addthisedge.com
vendorlist.consensu.org
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.majorgeeks.com
z.moatads.com
dmx.districtm.io
majorgeeks.mirror.internode.on.net
thisiswaldo.com
www.majorgeeks.com
104.154.142.214
143.204.90.242
143.204.90.251
172.104.21.249
172.217.21.194
18.196.104.43
213.19.147.210
23.111.189.3
23.111.189.6
23.213.164.135
23.213.165.236
23.213.165.44
2600:9000:20eb:7a00:1:af78:4c0:93a1
2600:9000:21f3:ea00:4:164e:ca00:93a1
2606:4700:20::681a:b30
2a00:1450:4001:808::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:81d::2001
2a00:1450:4001:821::2001
2a00:1450:4001:821::200a
2a00:1450:4001:824::2002
2a00:1450:400c:c00::9c
2a03:2880:f11c:8183:face:b00c:0:25de
34.95.120.147
37.252.173.38
52.15.219.226
52.30.142.234
52.9.131.65
52.94.218.7
63.33.80.49
66.175.213.243
67.202.110.22
03c1019e4817587ec19f9fd1ad6c1d2291f088b5ad2ff143bc806abb4cc43d15
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04da513c52cfb4caa2994e20297b6e4c73d63dcde44f7e7a17cd2e1fee13183b
04f9206da6b56f38a4e4757ae31e983faad788629925eb0b7630ae1363f5e73f
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ceac0ff45132751705d5acee90132f537ea957f645cf5509c0862daa4731564
0da8a3e31c63f348a371cbb1227107bd94009f1cf9e048fa277f63f560750392
11643704c9f40fe7459ad5323df878594de93259b3397adf70a0a99127396037
13aa6363edf0d9dcb32899a36525bf360642341f96693e5f62e90ea868888ebd
152d07eaa72176bec649c625ebd7b2020a774f76f5208dc7e4003bfebe48fb41
1916bf959f39eeeb2bc2e2231f841e76f86c76e1dd718de00451acb0efc8413d
207744b369cab6836149ead33edcd62606f0adecf93812121d7cb8922c47c644
21665e45c5165aae950d985d134e9825f5ec855de2371779c5072f2803db5f44
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb
2c437800fceda6b124c85c0449bc13f845d3fd4645a631c663c43e66aa391662
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2ed275d183cd93cfd36201b2d99912622a33efd1f371483ec1a786fd7f208bda
2f14284114421dc56fa35cddc64e53ac17a635c130cbb6ab46c1c9a8d27fdb13
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
4586e215e2f2314c482eddd7e97c5b30024f876c4c974aee4d180782d76e0949
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48d43eddb125e9e39ddb4169b3570f36b7a6ab68aef2701baf160cc08509740e
4c8af2c7203d76f2e920067d38b16fb2876f6df5bef979ae91d570acd43cd098
4db0a3f1f08bdacc8125ba19137c1f1f839790f59ebf56f38b3354947489782c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
640f95388428283cad390349a534027ed7c2eb24f1135adecc48cb6f74b22f4a
64170acf9b45aef07e5ff6350f71edd3168c3b2599a16112a372114e5ce21b54
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
709b42a2634b71f53d6f5cfc4dded064df66bc4bde153a27ebdbc117778446da
7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92
7e54ab4541751c4cc3e5682cee9df76ef0c97aa9ee01e3cb351e1093ed68a3a2
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8d6995f2d7b8cda88208d5f5e0c4f35eaf68490072fad88fd95829df59d5ab7b
96b37c1c3c36a039dcb109470e2bb65cd9d44a45025da3500a743be56bdf5753
96e676e64f0e579d6fb9fc306943a8de47bce9371b7205572ff6c7d199b30c8b
9a2b6b9f6cbb151ed7eb6610b5beb4e32d151fe66cc595d0284b1184b698e9b5
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
ab0dc6c4a4f355cf028114ff40468c515c964cc062789d234a2b7adf85d5ebb9
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
aca43e204e6f2aced4df92ca9212130b0b4a820113dc897f572de6ad84b32804
ae66c86e8dbb3cfce923191182d1192f9b4a7843c37ce6012068987d5a258576
b2fa3ad1c0ef6267975e1fbf41aba67bd1d623b8caf16759d115dd6eb64485ac
b4e34bccceeae027ff625751e8ae176079c31177319539c884683c11770c176a
b4e916adba91667506b5ef2abe8560797f714959dc0a1a0e001249b2c81c1929
c30bbbb89b29eea5f0dee12163db3def167097bab9b00d150f334a75d2903fb7
ca7613d4d9a01d3fc4974d2740ad6dbcfe57a05dbd66172426142e1638505217
df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5
e570a3237ca583026a4c3701a39f3ec7365825e23a54392f49ecc2363354acb3
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8
e7d68ee5ac7a4540c2955e17dcd0cab1dd515b3c676359483458a5cfab6f7319
e91ba4497c090eee8d86e3899d1f2fea1f763eff0e8bbff52685d4f4dc9a8ebd
e9da16440115c9d5e005c30e6330ebe14dda0ee5eebd4710eb1b004be89cf076
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecb10bfee54483d7bb89a245d6dd032e73f577863b3564b7cb4fbc1eddb2f75e
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86
f7494669929e946ff8f5ace56d2ce12fe53b037bdf1e60ce4d10208e973d6bcd