www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Submission: On December 11 via api (December 11th 2019, 1:49:33 pm UTC) from US

Summary HTTP 78 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 28 domains to perform 78 HTTP transactions. The main IP is 23.111.189.3, located in Tampa, United States and belongs to HVC-AS - HIVELOCITY, Inc., US. The main domain is www.majorgeeks.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 10th 2019. Valid for: 3 months.

This is the only time www.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

0PatchInstaller_19.11.15.10650.msi 3 MB application/x-msi

SHA256: 7143e227897177046b58a0e4fe3ec480e1e19d73e3c53f6057f5916654e355bc

MIME: Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Create Time/Date: Mon Jun 21 07:00:00 1999, Name of Creating Application: Windows Installer, Security: 1, Code page: 1252, Template: Intel;1033, Number of Pages: 200, Revision Number: {0B30B49E-BC91-4172-8544-96962C6DF11C}, Title: 0patch, Author: Acros Security, Comments: 0patch Agent, Number of Words: 2, Last Saved Time/Date: Fri Nov 15 09:51:42 2019, Last Printed: Fri Nov 15 09:51:42 2019

Domain & IP information

	IP Address	AS Autonomous System
1 10	23.111.189.3 23.111.189.3	29802 (HVC-AS) (HVC-AS - HIVELOCITY)
2	2600:9000:215... 2600:9000:2156:8400:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.90.251 143.204.90.251	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2.21.36.164 2.21.36.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	143.204.90.242 143.204.90.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	95.100.197.246 95.100.197.246	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2	185.33.223.209 185.33.223.209	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
6	52.48.197.20 52.48.197.20	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	52.94.220.16 52.94.220.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.111.189.12 23.111.189.12	29802 (HVC-AS) (HVC-AS - HIVELOCITY)
1	52.48.237.210 52.48.237.210	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.104.211.45 172.104.211.45	63949 (LINODE-AP...) (LINODE-AP Linode)
78	27

10 23.111.189.3 (Tampa, United States) 1 redirects

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: majorgeeks.com

www.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8400:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.90.251 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-90-251.fra50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.36.164 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-36-164.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.197.246 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-197-246.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.209 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 314.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.48.197.20 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-197-20.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

the-eighth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.220.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.189.12 (Tampa, United States)

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: files2.majorgeeks.com

files2.majorgeeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.237.210 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-237-210.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.211.45 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1917-45.members.linode.com

sync.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	majorgeeks.com 1 redirects www.majorgeeks.com files2.majorgeeks.com	74 KB
10	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	132 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	208 KB
6	gumgum.com g2.gumgum.com	3 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	30 KB
3	ampproject.org cdn.ampproject.org	103 KB
3	addthis.com s7.addthis.com	189 KB
3	thisiswaldo.com cdn.thisiswaldo.com thisiswaldo.com	83 KB
2	adnxs.com ib.adnxs.com	3 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	google.com adservice.google.com www.google.com	171 B
2	googletagservices.com www.googletagservices.com	44 KB
1	adsrvr.org match.adsrvr.org	539 B
1	openx.net the-eighth-d.openx.net	422 B
1	rtk.io bidder.rtk.io Failed sync.rtk.io
1	addthisedge.com v1.addthisedge.com	983 B
1	moatads.com z.moatads.com	1 KB
1	facebook.com www.facebook.com
1	google.de adservice.google.de	171 B
1	googleapis.com ajax.googleapis.com	33 KB
1	mailchimp.com cdn-images.mailchimp.com	1 KB
0	emxdgt.com Failed hb.emxdgt.com Failed
0	lockerdome.com Failed lockerdome.com Failed
0	districtm.io Failed dmx.districtm.io Failed
0	sharethrough.com Failed btlr.sharethrough.com Failed
0	casalemedia.com Failed as-sec.casalemedia.com Failed
0	33across.com Failed ssc.33across.com Failed
0	ipfind.co Failed ipfind.co Failed
78	28

	Domain	Requested by
10	www.majorgeeks.com	1 redirects www.majorgeeks.com
6	g2.gumgum.com	cdn.thisiswaldo.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.majorgeeks.com
6	pagead2.googlesyndication.com	www.majorgeeks.com pagead2.googlesyndication.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.majorgeeks.com cdn.ampproject.org
3	cdn.ampproject.org	securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	c.amazon-adsystem.com	www.majorgeeks.com c.amazon-adsystem.com
3	s7.addthis.com	www.majorgeeks.com s7.addthis.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	ib.adnxs.com	cdn.thisiswaldo.com
2	www.google-analytics.com	1 redirects www.majorgeeks.com
2	www.googletagservices.com	www.majorgeeks.com pagead2.googlesyndication.com
2	cdn.thisiswaldo.com	www.majorgeeks.com cdn.thisiswaldo.com
1	sync.rtk.io	cdn.thisiswaldo.com
1	match.adsrvr.org	cdn.thisiswaldo.com
1	files2.majorgeeks.com	www.majorgeeks.com
1	www.google.com	www.majorgeeks.com
1	the-eighth-d.openx.net	cdn.thisiswaldo.com
1	stats.g.doubleclick.net	www.majorgeeks.com
1	v1.addthisedge.com	s7.addthis.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	z.moatads.com	s7.addthis.com
1	www.facebook.com	www.majorgeeks.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	ajax.googleapis.com	www.majorgeeks.com
1	cdn-images.mailchimp.com	www.majorgeeks.com
0	hb.emxdgt.com Failed	cdn.thisiswaldo.com
0	lockerdome.com Failed	cdn.thisiswaldo.com
0	dmx.districtm.io Failed	cdn.thisiswaldo.com
0	btlr.sharethrough.com Failed	cdn.thisiswaldo.com
0	as-sec.casalemedia.com Failed	cdn.thisiswaldo.com
0	bidder.rtk.io Failed	cdn.thisiswaldo.com
0	ssc.33across.com Failed	cdn.thisiswaldo.com
0	ipfind.co Failed	cdn.thisiswaldo.com
78	36

This site contains links to these domains. Also see Links.

Domain
www.reimageplus.com
www.contentteller.com
www.facebook.com
twitter.com
www.youtube.com
www.addthis.com

Subject Issuer	Validity	Valid
majorgeeks.com Let's Encrypt Authority X3	`2019-10-10` - `2020-01-08`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2019-06-16` - `2020-06-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2018-09-19` - `2020-11-18`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.gumgum.com Amazon	`2019-07-31` - `2020-08-31`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2019-09-18` - `2020-08-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.rtk.io COMODO RSA Domain Validation Secure Server CA	`2017-03-16` - `2020-03-25`	3 years	crt.sh

This page contains 9 frames:

Frame: http://files2.majorgeeks.com/e2cd3a71650543bd9d2d28d661f5130890578f50/system/0PatchInstaller_19.11.15.10650.msi
Frame ID: 74040171F8075D5F242F3E84DDEFBB65
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 9CCD76CEE873A952FDBA59584F9A757D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2837546306&adf=136958058&w=1080&fwrn=4&lmt=1576072155&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1080x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&flash=0&wgl=1&adsid=NT&dt=1576072155390&bpp=17&bdt=490&fdt=71&idt=72&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=3049763324456&frm=20&pv=2&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&ga_fc=0&iag=0&icsg=8571563&dssz=18&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=870722783704886&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ra5fQ9uQrq&p=https%3A//www.majorgeeks.com&dtd=84
Frame ID: 0961AFC6E2C21621FF1372880E4104E7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Frame ID: 74B14A4696AB3F8BFD0880C87399BDED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1576072155&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576072155594&bpp=5&bdt=694&fdt=5&idt=5&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1080x200&nras=1&correlator=3049763324456&frm=20&pv=1&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&ga_fc=0&iag=0&icsg=674015920&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=870722783704886&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=9
Frame ID: CFFE7AD7C132DC3C46093494F03D772B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Frame ID: 74657ADDA7089856CBE2562B285FAFB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: E92FA064DAF33559EEE4C68B43BB9884
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 548B61667BD7B2A1373FD1DE9C79B84C
Requests: 8 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: 00695642C21D95F71556E50D5E926AA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

78
Requests

82 %
HTTPS

46 %
IPv6

28
Domains

36
Subdomains

27
IPs

7
Countries

924 kB
Transfer

2662 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.reimageplus.com/includes/router_land.php?tracking=Majorgeeks&banner=dltxt
Title: Click Here to Repair/Restore Missing Windows OS Files Damaged by Malware

Search URL Search Domain Scan URL

URL: http://www.contentteller.com/
Title: Contentteller® Business Edition

Search URL Search Domain Scan URL

URL: http://www.facebook.com/majorgeeksdotcom
Title: Follow on FacebookFacebook

Search URL Search Domain Scan URL

URL: https://twitter.com/majorgeeks
Title: Follow on TwitterTwitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UC9-wz8Md_X6V3BCihYW3jig?sub_confirmation=1
Title: Follow on YouTubeYouTube

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=294884602&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ul=en-us&de=UTF-8&dt=Download%200patch%2019.11.15.10650&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1534556185&gjid=1527546346&cid=1111942714.1576072155&tid=UA-956038-1&_gid=2075661064.1576072156&_r=1&z=415912887 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1111942714.1576072155&jid=1534556185&_gid=2075661064.1576072156&gjid=1527546346&_v=j79&z=415912887

Request Chain 55

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t

Request Chain 73

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=1pngtc1t4s2jkmnmp3iviafns0 HTTP 302
http://files2.majorgeeks.com/e2cd3a71650543bd9d2d28d661f5130890578f50/system/0PatchInstaller_19.11.15.10650.msi

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 0patch,1.html Show response
www.majorgeeks.com/mg/getmirror/ 14 KB
6 KB 552ms
165ms Document
text/html 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3d0e78282b77b94337c9b34657e0c34c9c13b811044ecaebf801e4cdfe234124

Request headers

Host: www.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Date: Wed, 11 Dec 2019 13:50:43 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=1pngtc1t4s2jkmnmp3iviafns0; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5643
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.js Show response
www.majorgeeks.com/core/javaload/ 95 KB
33 KB 155ms
154ms Script
text/html 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/core/javaload/jquery.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 33760

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 47 KB
5 KB 424ms
150ms Stylesheet
text/css 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:44 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 4663

GET
H2 200 4107.js Show response
cdn.thisiswaldo.com/static/js/ 40 KB
9 KB 224ms
20ms Script
application/javascript 2600:9000:2156:8400:4:164e:ca00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thisiswaldo.com/static/js/4107.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:8400:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 350e4927f04aaa0585fa2f13949872d3c5a4f182a2098907ca7a581f18fc2892

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:55:44 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 17:42:04 GMT
server: Apache/2.4.7 (Ubuntu)
age: 71611
etag: "9eaa-59948e9e50ddc-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8924
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-id: AB9DG2APVY8aU_BtIdcYg85-yJqePnBbgg8PUXDKVzvobrwmKCUT5Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

22824fe13f4f30dd81e278c927464ddf7888c554f1fe5d35c9dc1b84cfd38de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "363 / 246 of 1000 / last-modified: 1576004307"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15802
x-xss-protection: 0
expires: Wed, 11 Dec 2019 13:49:14 GMT

GET
H/1.1 200
OK majorgeeks.gif
www.majorgeeks.com/images/logos/ 16 KB
16 KB 695ms
135ms Image
image/gif 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/logos/majorgeeks.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:44 GMT
Last-Modified: Thu, 30 Dec 2004 13:36:04 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4081-3ec755e169900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 16513

GET
H/1.1 200
OK click_here.gif
www.majorgeeks.com/images/ 1 KB
2 KB 394ms
135ms Image
image/gif 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/click_here.gif
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:44 GMT
Last-Modified: Wed, 08 May 2013 03:02:26 GMT
Server: Apache/2.4.10 (Debian)
ETag: "5c4-4dc2c29df1480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1476

GET
H/1.1 200
OK red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 1 KB
2 KB 397ms
134ms Image
image/png 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:44 GMT
Last-Modified: Wed, 08 May 2013 03:03:35 GMT
Server: Apache/2.4.10 (Debian)
ETag: "57a-4dc2c2dfbefc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1402

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 104 KB
37 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

42835eddfccf126c4f65091c377c206334c2fb2838212d01965298cd4599b39f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37911
x-xss-protection: 0
server: cafe
etag: 2693738113432697870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Dec 2019 13:49:15 GMT

GET
H/1.1 200
OK advertisement.js Show response
www.majorgeeks.com/b/ 45 B
340 B 543ms
134ms Script
application/javascript 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.majorgeeks.com/b/advertisement.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:44 GMT
Last-Modified: Sat, 29 Apr 2017 07:29:37 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2d-54e4926fdaee0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 45

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 210ms
33ms Stylesheet
text/css 143.204.90.251
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.251 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-251.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 11:28:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 66009
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
X-Amz-Cf-Id: x6IfNHaGGNJnd7LDokgxCf5F65E13gMXc57IMQNxY6FmMTJ0ri4W7w==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 11:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1822913
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 11:27:22 GMT

GET
H/1.1 200
OK index.php
www.majorgeeks.com/ 3 KB
3 KB 409ms
146ms Image
image/png 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/index.php?ct=core&action=tasks
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:44 GMT
Content-Disposition: attachment; filename="index.png"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 2808
Server: Apache/2.4.10 (Debian)
Content-Type: image/png

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 83ms
28ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 30 Oct 2019 19:35:04 GMT
server: nginx/1.15.8
etag: W/"5db9e5e8-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Wed, 11 Dec 2019 13:49:15 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H2 200 prebid.js Show response
cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/ 231 KB
73 KB 11ms
9ms Script
application/javascript 2600:9000:2156:8400:4:164e:ca00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:8400:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: a991d1bb704de602ce13555140a4c00814d95669523f47668a271e036cb161e0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 19:30:30 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 19:28:48 GMT
server: Apache/2.4.7 (Ubuntu)
age: 65925
etag: "39dcd-5973f5fb6abfa-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: AlzF-8ZFNGVZOGqYbBlceQzKoDfsoCMthiFCb29ayLADBxLw5XFBAw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 88 KB
26 KB 118ms
57ms Script
application/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 1412d7245072504d1975da264074e475485b5bab1edab58938a536542a4f3dd5

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 15:51:58 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA50-C1
etag: f95fda3d4fe6103808d969fc52fa66db
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: ytY74zy57QZWUsQu80NHljsnYLk7OX5OnFduwCJv7AgeW49nHB0iGw==
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)

GET me
ipfind.co/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.majorgeeks.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ 166 KB
61 KB 55ms
54ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js?21065311

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

f93d1d7d700f850328abfcc87e394dfb26fe1183249925434f8870fba994bc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62423
x-xss-protection: 0
expires: Wed, 11 Dec 2019 13:49:15 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ 225 KB
85 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86385
x-xss-protection: 0
server: cafe
etag: 4513681422076315165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Dec 2019 13:49:15 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 9CCD 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191205/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 05 Dec 2019 17:43:23 GMT
expires: Thu, 19 Dec 2019 17:43:23 GMT
content-type: text/html; charset=UTF-8
etag: 13309989325511048345
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6574
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 504352
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0961 0
0 311ms
311ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2837546306&adf=136958058&w=1080&fwrn=4&lmt=1576072155&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1080x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&flash=0&wgl=1&adsid=NT&dt=1576072155390&bpp=17&bdt=490&fdt=71&idt=72&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=3049763324456&frm=20&pv=2&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&ga_fc=0&iag=0&icsg=8571563&dssz=18&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=870722783704886&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ra5fQ9uQrq&p=https%3A//www.majorgeeks.com&dtd=84

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2837546306&adf=136958058&w=1080&fwrn=4&lmt=1576072155&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1080x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&flash=0&wgl=1&adsid=NT&dt=1576072155390&bpp=17&bdt=490&fdt=71&idt=72&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=3049763324456&frm=20&pv=2&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&ga_fc=0&iag=0&icsg=8571563&dssz=18&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=870722783704886&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ra5fQ9uQrq&p=https%3A//www.majorgeeks.com&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Dec 2019 13:49:15 GMT
server: cafe
content-length: 23674
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Dec-2019 14:04:15 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 11 Dec 2019 13:49:15 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Wed, 11 Dec 2019 13:49:15 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 1135ms
28ms XHR
application/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com

Response headers

date: Tue, 10 Dec 2019 15:11:24 GMT
content-encoding: gzip
vary: Origin
age: 81473
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 01 Nov 2019 13:46:13 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jlJIHr9mGwRmAS4XCNKhtuePmFTWZZt9sFIiZxG01oga19b1uHsaUg==

GET
H2 200 page.php
www.facebook.com/plugins/ Frame 74B1 0
0 52ms
51ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: mZUnBV6dAMnfdD74wdgWawgnZ4dZbeoWzZL/+PcOTPHtVWjP9GklN3zChfJCIETffaccmBmf9EKtpU0KH9p7jA==
date: Wed, 11 Dec 2019 13:49:15 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4538
date: Wed, 11 Dec 2019 12:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 11 Dec 2019 14:33:37 GMT

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 52ms
16ms Script
application/x-javascript 95.100.197.246
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:49:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: C5DB1E7DD2B174DE
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=49540
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: lvUgJLeTqnD8r+Pbmjp4zeqWv6JQV90H1HnQC9urKJ+gtlQ7Ztu4gguQcSk27WP1aoa03938rOQ=

POST
H/1.1 200
OK new-impression Show response
thisiswaldo.com/ 1 B
372 B 2854ms
167ms XHR
text/html 52.15.219.226
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/new-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.27

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 11 Dec 2019 13:49:18 GMT
X-Content-Type-Options: nosniff
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.27
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame CFFE 0
0 47ms
47ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1576072155&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576072155594&bpp=5&bdt=694&fdt=5&idt=5&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1080x200&nras=1&correlator=3049763324456&frm=20&pv=1&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&ga_fc=0&iag=0&icsg=674015920&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=870722783704886&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1576072155&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576072155594&bpp=5&bdt=694&fdt=5&idt=5&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1080x200&nras=1&correlator=3049763324456&frm=20&pv=1&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&ga_fc=0&iag=0&icsg=674015920&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=870722783704886&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Dec 2019 13:49:15 GMT
server: cafe
content-length: 566
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Dec-2019 14:04:15 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 11 Dec 2019 13:49:15 GMT
cache-control: private

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/majorgeeks/ 2 KB
983 B 35ms
34ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-36-164.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 391eed2637c38d8a7a879accd6aab88b8ff8f2454412c4cba4c454133c676913

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:15 GMT
content-encoding: gzip
surrogate-key: majorgeeks
server: Jetty(9.4.8.v20180619)
etag: -1028700731--gzip
vary: Accept-Encoding
cache-tag: majorgeeks
status: 200
cache-control: public, max-age=30, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 749

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=294884602&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ul=en-us&de=UTF-8&dt=Download%200patch%2019....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1111942714.1576072155&jid=1534556185&_gid=2075661064.1576072156&gjid=1527546346&_v=j79&z=415912887

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1111942714.1576072155&jid=1534556185&_gid=2075661064.1576072156&gjid=1527546346&_v=j79&z=415912887

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 11 Dec 2019 13:49:15 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1111942714.1576072155&jid=1534556185&_gid=2075661064.1576072156&gjid=1527546346&_v=j79&z=415912887
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 31ms
30ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 11 Dec 2019 13:49:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 15ms
15ms Image
image/gif 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-6960825562757852&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20191204_140529&afm=0&as_count=1&d_count=2&ng_count=0&am_count=0&atf_count=3&mdns=0.468&alldns=0.468&allp=6&pgh=812&su=www.majorgeeks.com&r=0.1

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 99 B
492 B 153ms
153ms XHR
text/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&pid=acjugizWxLiTH&cb=0&ws=1600x1200&v=7.44.02&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks300x250FL_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FS_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_2%22%7D%5D&cfgv=0&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 2010678b589818b8347daf9ce515f75bc763def8c43e2c446be9ba66f50f5500

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com

Response headers

date: Wed, 11 Dec 2019 13:49:16 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA50-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 113
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-id: uddzgj2_nMiKnSb1xFchybGOKLyXy5c_3LrwxshqeFjXnwJGwfI2DA==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 722 B
1 KB 70ms
39ms XHR
application/json 185.33.223.209
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.209 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

314.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b4588ea4c926e7694d5521a5d2bb175867c5b69ef528f72f55ff971124cd64f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 11 Dec 2019 13:49:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 89.39.105.128; 89.39.105.128; 314.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 60c8c613-4180-4a40-b8bb-a58177a03a5d
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 123 B
568 B 190ms
118ms XHR
application/json 52.48.197.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=28364&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-197-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b52bb2179644f7adc5520ffec555e04a542ad8283011217acaf8b744c884e627

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:16 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 123 B
568 B 166ms
95ms XHR
application/json 52.48.197.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=28364&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-197-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 783eb81b224fd0befe3bb8752496f78c89f48930af03826e44d54974b32a1d09

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:16 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 123 B
567 B 173ms
102ms XHR
application/json 52.48.197.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=28363&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-197-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31e5e370976f3f90eadf573ec2af17602f89f4c4ebd05e087337a5df7627254d

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:16 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 123 B
569 B 189ms
118ms XHR
application/json 52.48.197.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=28367&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-197-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a9480e9aa979cfb3190e4e51aa09d1d82c6357d32677c87386f6934f126d80d6

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:16 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 123 B
565 B 146ms
76ms XHR
application/json 52.48.197.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=28367&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-197-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 00a58e848675a2dc97d647b85a421814cad3ea1099f2c12b0bdd2d8e0491b70f

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:16 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 123 B
566 B 161ms
91ms XHR
application/json 52.48.197.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=28367&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-197-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 52a20ffe5f7c766a8f34bcc76bae7a9032a4c97d2e0be08bf434c0713e17a86f

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:16 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST hb
ssc.33across.com/api/v1/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 712 B
1 KB 93ms
26ms XHR
application/json 185.33.223.209
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.209 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

314.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

22420935010fc354fd98422bb09615c2978b2d0b211746e596c33718a5ac0e50

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 11 Dec 2019 13:49:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 89.39.105.128; 89.39.105.128; 314.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d90cf7b0-7430-4f4d-a19b-3d5579bfde01
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.majorgeeks.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET aardvark
bidder.rtk.io/IS9K/UzG9_Mc23_eu2l_7t7C_47W7_VPjY_ZUmA/ 0
0

GET cygnus
as-sec.casalemedia.com/ 0
0

GET v1
btlr.sharethrough.com/WYu2BXv1/ 0
0

POST v1
dmx.districtm.io/b/ 0
0

POST prebid
lockerdome.com/ladbid/ 0
0

POST /
hb.emxdgt.com/ 0
0

GET
H2 200 arj Show response
the-eighth-d.openx.net/w/1.0/ 175 B
422 B 363ms
356ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=2d1e317b-5508-45a5-b9f4-4d3a68f94d33%2Cd97cd73b-1aac-4175-a0cd-8a0116e3c701%2C668f0a48-8e56-445c-acd9-12152024fd2a%2Cf9018eef-f43b-4a80-bb5e-b9d7f8ebc1eb%2C22d09214-adb8-4a2b-9847-c636515ec43e%2Ccce38aaf-d6d4-44dd-b8e7-3f2462661578&nocache=1576072155913&pubcid=d9aadf1a-0730-44b4-ab32-032e59f0e61a&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&aus=160x600%7C160x600%7C300x250%7C728x90%7C728x90%7C728x90%2C970x90&divIds=waldo-tag-4129%2Cwaldo-tag-4131%2Cwaldo-tag-4133%2Cwaldo-tag-4135%2Cwaldo-tag-4137%2Cwaldo-tag-4165&auid=540714821%2C540714823%2C540714825%2C540714827%2C540714833%2C540717872&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: e854fb92ffcf77835de4c6e7a0bef41a3c94d024213cbff60ab4e4973242954e

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:16 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 7465
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t

0
0

244ms
244ms

Document
text/html

52.94.220.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.220.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Accept-Encoding: gzip, deflate, br
Cookie: ad-id=Ax-lTWqnqEOLs9rjeBzvtHI|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Response headers

Server: Server
Date: Wed, 11 Dec 2019 13:49:17 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 182
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=Ax-lTWqnqEOLs9rjeBzvtHI; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 13:49:17 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 13:49:17 GMT; Path=/; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Wed, 11 Dec 2019 13:49:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Set-Cookie: ad-id=Ax-lTWqnqEOLs9rjeBzvtHI|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 13:49:17 GMT; Path=/; HttpOnly
Vary: User-Agent

GET
H2 200 143.3d8bb49f121080f7c65c.js Show response
s7.addthis.com/static/ 625 B
644 B 30ms
30ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-271"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 11 Dec 2019 13:49:16 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 404

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
11 KB 470ms
170ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=870722783704886&correlator=1307475180698527&output=ldjh&impl=fifs&adsid=NT&eid=21065311%2C21065113&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191211&iu_parts=8491498%2Cmajorgeeks160x600FX_1_Universal_Passback_5cb3376be0b33%2Cmajorgeeks160x600FX_2_Universal_Passback_5cb3376f45d33%2Cmajorgeeks300x250FL_1_Universal_Passback_5cb337727b556%2Cmajorgeeks728x90FL_1_Universal_Passback_5cb3377766824%2Cmajorgeeks728x90FS_2_Universal_Passback_5cb3377cf1db9%2Cmajorgeeks728x90FL_2_Universal_Passback_5cb61bcb694de%2Cmajorgeeks_videounit&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=160x600%2C160x600%2C728x90%2C728x90%2C728x90%2C728x90%2C566x387&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1576072158&dt=1576072158912&dlt=1576072154900&idt=535&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2169956885%2C685569949%2C1742432971%2C2207290719%2C756038641%2C3694277495%2C2025061566&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&dssz=33&icsg=10784252080&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&fws=2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

f69565953e931a236f6e49f5d79acccb3a0c4d0cecd517ccc277db5fa7746630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com

Response headers

date: Wed, 11 Dec 2019 13:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10881
x-xss-protection: 0
google-lineitem-id: 4831861873,4831861873,4832611826,4832611826,4832611826,4832611826,5058670500
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138247611058,138247610572,138287316575,138287316983,138287634223,138287634514,138269533439
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
25 KB 355ms
55ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js?21065311

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

1008ae8c93c140845bf5bfa6d0c6e0a048ff8906a4fa0081196fd99f1613f65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24817
x-xss-protection: 0
expires: Wed, 11 Dec 2019 13:49:19 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 22ms
7ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js?21065311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 99 KB
31 KB 668ms
377ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=870722783704886&correlator=1307475180698527&output=ldjh&impl=fifs&adsid=NT&eid=21065311%2C21065113&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191211&iu_parts=124067137%2Cmajorgeeks160x600FX_1%2Cmajorgeeks160x600FX_2%2Cmajorgeeks300x250FL_1%2Cmajorgeeks728x90FL_1%2Cmajorgeeks728x90FS_2%2Cmajorgeeks728x90FL_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=160x600%2C160x600%2C300x250%2C728x90%2C728x90%2C728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1576072158&dt=1576072158920&dlt=1576072154900&idt=535&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C436%2C468&adys=-9%2C-9%2C-9%2C-9%2C1110%2C64&adks=3895788400%2C2195804879%2C1630318685%2C2017226068%2C2774819944%2C3108622128&ucis=8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&dssz=34&icsg=2209807507632&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0%7C1224x90&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1%7C1224x90&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&fws=2%2C2%2C2%2C2%2C512%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

9bd9f1c9a6387bf7f26f7da199fdf0c2b1a7625a4274d37857bc28a7742c084e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com

Response headers

date: Wed, 11 Dec 2019 13:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31279
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 14ms
14ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=870722783704886&r=160x600&w=160&h=600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=870722783704886&r=728x90&w=728&h=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E92F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 11 Dec 2019 12:57:22 GMT
expires: Thu, 10 Dec 2020 12:57:22 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3117
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
5 KB 91ms
91ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=870722783704886&correlator=3468255072131168&output=ldjh&impl=fifs&adsid=NT&eid=21065311%2C21065113&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864%2C8%3A67108864&sc=1&sfv=1-0-37&ecs=20191211&iu_parts=8491498%2Cmajorgeeks728x90FL_2_Universal_Passback_5cb61bcb694de&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=1&eri=1&cookie=ID%3D6d38a4af4b695e71%3AT%3D1576072159%3AS%3DALNI_MZXo_qtjWCDcJ6u_MVX3nHQh0fEtg&cookie_enabled=1&bc=31&abxe=1&lmt=1576072159&dt=1576072159615&dlt=1576072154900&idt=535&frm=20&biw=1600&bih=1200&oid=3&adxs=468&adys=64&adks=3694277495&ucis=e&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&dssz=34&icsg=2209807507632&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1224x90&msz=1224x90&psts=CjEI8biBgBJCBY-xxrEBeAHoAbLFzIGDBIICDaqfyQOioMkDxpyHoFHRAiSWs0bSRT3y%2CCjEI8biBgBJCBY-xxrEBeAHoAczBzIGDBIICDaqfyQOioMkDz5yHoFHRArbF1O-H0B2i%2CCjEI8puvgBJCBY-xxrEBeAHoAd_8w5SDBIICDaqfyQOioMkD2JyHoFHRAvZehN_zBdqx%2CCjEI8puvgBJCBY-xxrEBeAHoAff_w5SDBIICDaqfyQOioMkDnO-ToFHRAnMsd2W46cU8%2CCjEI8puvgBJCBY-xxrEBeAHoAa-u15SDBIICDaqfyQOioMkDn6iUoFHRAlN9_104S39O%2CCigIpN-U7BLoAf_JhoyDBIICDaqfyQOioMkD27L8olHRAiwx7Ynn0a5Y&ga_vid=1111942714.1576072155&ga_sid=1576072155&ga_hid=294884602&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

6d55f82997fdbcf3828636ebb53b0bffd947fb8c30ea54736f320540966651e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com

Response headers

date: Wed, 11 Dec 2019 13:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4569
x-xss-protection: 0
google-lineitem-id: 4832611826
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287634514
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.majorgeeks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ 20 KB
7 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 832
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7132
x-xss-protection: 0
server: sffe
date: Wed, 11 Dec 2019 13:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "796f98bb73f13f89"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Dec 2020 13:35:27 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 548B 200 KB
54 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2768
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Wed, 11 Dec 2019 13:03:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Dec 2020 13:03:11 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 548B 151 KB
41 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js?21065311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2029
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Wed, 11 Dec 2019 13:15:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Dec 2020 13:15:30 GMT

GET
DATA 200
OK truncated
/ Frame 548B 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f3642e704924f4d60ac8ac55402321b55c8e5c69776945bd1aee4813df94b59

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 670127470660449242
tpc.googlesyndication.com/simgad/ Frame 548B 43 KB
43 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/670127470660449242

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2b325bc484cc37d9797656e6090a218c2d3a48f34c26f45c2ccbfa2d503d4f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 11:19:14 GMT
x-content-type-options: nosniff
age: 1737005
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43822
x-xss-protection: 0
last-modified: Thu, 12 Sep 2019 20:36:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 11:19:14 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 548B 0
75 B 35ms
35ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCWyLfN9hejGtw6M_YbO8tvLjvmL_bRdOlR1QqwTELUigQzx-FoIictfo3_9lOO47eZubke7XStjkCMkjIY0AZ55YuXRqd5Jl4lg2w3EUmbg--i1R9E0Aqn5M9i4_YC8ayXAVVdZsSiW-ML1bEmCqHh4gqJcbpNPuEU-TiONkzFYPdVhY9tJ0EN39y5rcnM90XOKn097keKbGeQ5BSLz5NV6noCaS9OUcRDONdTCqTgRUrajqFxstlusQtQy_fhcOkpRpnppktujtCtMhRO_vefjM4BKlVG8dtWEjInL9jZQdXgBF0O8vL6qbtLo6cVlEATQ&sig=Cg0ArKJSzHypzCZJDWqhEAE&adurl=

Requested by

Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Dec 2019 13:49:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame 548B 0
0 13ms
13ms Image
text/html 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5uO_7wgFsT9Ha0g6edeJBxF3ntBoKHToXvpNLqV9Zer_-CoGg4HLRoOhyvHlECba8t-sIodWL1aadHu__EgjTXsjE4A
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 670127470660449242
tpc.googlesyndication.com/simgad/ Frame 548B 43 KB
43 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/670127470660449242

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2b325bc484cc37d9797656e6090a218c2d3a48f34c26f45c2ccbfa2d503d4f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 11:19:14 GMT
x-content-type-options: nosniff
age: 1737005
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43822
x-xss-protection: 0
last-modified: Thu, 12 Sep 2019 20:36:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 11:19:14 GMT

GET
H/1.1

200
OK

0PatchInstaller_19.11.15.10650.msi
files2.majorgeeks.com/e2cd3a71650543bd9d2d28d661f5130890578f50/system/
Redirect Chain

https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=1pngtc1t4s2jkmnmp3iviafns0
http://files2.majorgeeks.com/e2cd3a71650543bd9d2d28d661f5130890578f50/system/0PatchInstaller_19.11.15.10650.msi

0
0

601ms
248ms

Document
application/x-msi

23.111.189.12
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: http://files2.majorgeeks.com/e2cd3a71650543bd9d2d28d661f5130890578f50/system/0PatchInstaller_19.11.15.10650.msi
Requested by: Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Protocol: HTTP/1.1
Server: 23.111.189.12 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: files2.majorgeeks.com
Software: lighttpd/1.4.35 /
Resource Hash

Request headers

Host: files2.majorgeeks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: _ga=GA1.2.1111942714.1576072155; _gid=GA1.2.2075661064.1576072156; _gat=1; __gads=ID=6d38a4af4b695e71:T=1576072159:S=ALNI_MZXo_qtjWCDcJ6u_MVX3nHQh0fEtg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-msi
Accept-Ranges: bytes
ETag: "2816917226"
Last-Modified: Tue, 03 Dec 2019 13:34:34 GMT
Content-Length: 3185152
Date: Wed, 11 Dec 2019 13:54:34 GMT
Server: lighttpd/1.4.35

Redirect headers

Date: Wed, 11 Dec 2019 13:50:55 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://files2.majorgeeks.com/e2cd3a71650543bd9d2d28d661f5130890578f50/system/0PatchInstaller_19.11.15.10650.msi
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 548B 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRusENmOn13iTJ7gssP9aq6im-e_cMCWnm-T2xkUz-8EUWgCP_-o_zBfMchDPiH8ZhnvmvIwjJN5YAPKqMORia3pqy_LZZuPiqBDXWGmQ&sig=Cg0ArKJSzEeBu6jOAnIZEAE&id=ampim&o=468,64&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=115&tls=1115&g=100&h=100&tt=1115&r=v&adk=3694277495&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Dec 2019 13:49:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
539 B 101ms
33ms XHR
application/json 52.48.237.210
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=9zrfwmk&fmt=json
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.237.210 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-237-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2b9380a09ab986371505ab96948159af9d62054b26743ff77aa66decd44f387b

Request headers

Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Origin: https://www.majorgeeks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Dec 2019 13:49:21 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.majorgeeks.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 10 Jan 2020 13:49:21 GMT

GET
H/1.1 200
OK Cookie set cs
sync.rtk.io/ Frame 0069 0
0 634ms
100ms Document
text/html 172.104.211.45
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.rtk.io/cs
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.104.211.45 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1917-45.members.linode.com
Software: RTK CookiePixel/v1.1.0 /
Resource Hash

Request headers

Host: sync.rtk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Response headers

Date: Wed, 11 Dec 2019 13:49:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Server: RTK CookiePixel/v1.1.0
Set-Cookie: rtkuuid=6404ec03-38c2-4ee3-ba77-c589b1580cee; Path=/; Domain=rtk.io; Expires=Tue, 10 Mar 2020 13:49:22 GMT
X-Rtk-Nid: li1285-251.members.linode.com:8002
Content-Encoding: gzip

GET
H/1.1 200
OK fanclose.png
www.majorgeeks.com/images/ 6 KB
6 KB 573ms
137ms Image
image/png 23.111.189.3
HIVELOCITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.majorgeeks.com/images/fanclose.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: majorgeeks.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705

Request headers

Referer: https://www.majorgeeks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Dec 2019 13:50:55 GMT
Last-Modified: Wed, 28 May 2014 03:41:52 GMT
Server: Apache/2.4.10 (Debian)
ETag: "18af-4fa6d97ccc000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6319

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipfind.co
URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: bidder.rtk.io
URL: https://bidder.rtk.io/IS9K/UzG9_Mc23_eu2l_7t7C_47W7_VPjY_ZUmA/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html&w=1600&h=1200&UzG9=3065984dcf00523&Mc23=315b81b98dde8e3&eu2l=3211f1e45fd01e&7t7C=33bc9037edc09e&47W7=34f9cf48a95d9b&VPjY=35ceffc317413d8&ZUmA=36128ffe4b7edcb&

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=296675&v=7.2&r=%7B%22id%22%3A%2237d062c418252ef%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2238a543becf5dcbb%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296675%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%22392c86deb34f3db%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296667%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22401dba2128fe0b7%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296681%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2241472ef8ec243fd%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296685%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22425f70560bc9452%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296677%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2243464762bc3380c%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296678%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2F0patch%2C1.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=cieTjdBGLSvp48HND2uY1F4y&bidId=454b3951c8d23a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.39.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%224107%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: lockerdome.com
URL: https://lockerdome.com/ladbid/prebid

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=3000&ts=1576072155912&src=pbjs

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.majorgeeks.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1pngtc1t4s2jkmnmp3iviafns0
www.majorgeeks.com/	1970-01-19 15:19:32	Name: __atuvc Value: 1%7C50
.majorgeeks.com/	1970-01-19 05:49:18	Name: _gid Value: GA1.2.2075661064.1576072156
www.majorgeeks.com/	1970-01-19 05:47:53	Name: __atuvs Value: 5df0f3db45dc06b0000
.doubleclick.net/	1970-01-19 15:09:28	Name: IDE Value: AHWqTUlvUnzK66TwgG1VshjgPNv8AF6weSgbOqZapgk5vT6FraGgBMkZBgCxblZW
.majorgeeks.com/	1970-01-19 05:47:52	Name: _gat Value: 1
www.majorgeeks.com/	1970-01-19 05:57:56	Name: popup_user_login Value: yes
.majorgeeks.com/	1970-01-19 23:19:04	Name: _ga Value: GA1.2.1111942714.1576072155

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.majorgeeks.com/mg/getmirror/0patch,1.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
as-sec.casalemedia.com
bidder.rtk.io
btlr.sharethrough.com
c.amazon-adsystem.com
cdn-images.mailchimp.com
cdn.ampproject.org
cdn.thisiswaldo.com
dmx.districtm.io
files2.majorgeeks.com
g2.gumgum.com
googleads.g.doubleclick.net
hb.emxdgt.com
ib.adnxs.com
ipfind.co
lockerdome.com
match.adsrvr.org
pagead2.googlesyndication.com
s7.addthis.com
securepubads.g.doubleclick.net
ssc.33across.com
stats.g.doubleclick.net
sync.rtk.io
the-eighth-d.openx.net
thisiswaldo.com
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.majorgeeks.com
z.moatads.com
as-sec.casalemedia.com
bidder.rtk.io
btlr.sharethrough.com
dmx.districtm.io
hb.emxdgt.com
ipfind.co
lockerdome.com
ssc.33across.com
143.204.90.242
143.204.90.251
172.104.211.45
172.217.23.98
185.33.223.209
2.21.36.164
23.111.189.12
23.111.189.3
2600:9000:2156:8400:4:164e:ca00:93a1
2a00:1450:4001:808::200e
2a00:1450:4001:814::2001
2a00:1450:4001:814::2002
2a00:1450:4001:817::2002
2a00:1450:4001:817::2004
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2001
2a00:1450:400c:c00::9d
2a03:2880:f11c:8083:face:b00c:0:25de
34.95.120.147
52.15.219.226
52.48.197.20
52.48.237.210
52.94.220.16
95.100.197.246
00a58e848675a2dc97d647b85a421814cad3ea1099f2c12b0bdd2d8e0491b70f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699
095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705
0f3642e704924f4d60ac8ac55402321b55c8e5c69776945bd1aee4813df94b59
1008ae8c93c140845bf5bfa6d0c6e0a048ff8906a4fa0081196fd99f1613f65a
1412d7245072504d1975da264074e475485b5bab1edab58938a536542a4f3dd5
2010678b589818b8347daf9ce515f75bc763def8c43e2c446be9ba66f50f5500
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
22420935010fc354fd98422bb09615c2978b2d0b211746e596c33718a5ac0e50
22824fe13f4f30dd81e278c927464ddf7888c554f1fe5d35c9dc1b84cfd38de9
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2b325bc484cc37d9797656e6090a218c2d3a48f34c26f45c2ccbfa2d503d4f65
2b9380a09ab986371505ab96948159af9d62054b26743ff77aa66decd44f387b
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
31e5e370976f3f90eadf573ec2af17602f89f4c4ebd05e087337a5df7627254d
350e4927f04aaa0585fa2f13949872d3c5a4f182a2098907ca7a581f18fc2892
391eed2637c38d8a7a879accd6aab88b8ff8f2454412c4cba4c454133c676913
3d0e78282b77b94337c9b34657e0c34c9c13b811044ecaebf801e4cdfe234124
42835eddfccf126c4f65091c377c206334c2fb2838212d01965298cd4599b39f
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4b4588ea4c926e7694d5521a5d2bb175867c5b69ef528f72f55ff971124cd64f
52a20ffe5f7c766a8f34bcc76bae7a9032a4c97d2e0be08bf434c0713e17a86f
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d55f82997fdbcf3828636ebb53b0bffd947fb8c30ea54736f320540966651e2
72c527ba63560531a9c81b20413cd8276b8c1f066820e1ff9dc491c6d54f9b64
783eb81b224fd0befe3bb8752496f78c89f48930af03826e44d54974b32a1d09
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
9bd9f1c9a6387bf7f26f7da199fdf0c2b1a7625a4274d37857bc28a7742c084e
a9480e9aa979cfb3190e4e51aa09d1d82c6357d32677c87386f6934f126d80d6
a991d1bb704de602ce13555140a4c00814d95669523f47668a271e036cb161e0
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
b52bb2179644f7adc5520ffec555e04a542ad8283011217acaf8b744c884e627
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8
e854fb92ffcf77835de4c6e7a0bef41a3c94d024213cbff60ab4e4973242954e
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86
f69565953e931a236f6e49f5d79acccb3a0c4d0cecd517ccc277db5fa7746630
f93d1d7d700f850328abfcc87e394dfb26fe1183249925434f8870fba994bc96

www.majorgeeks.com Open in urlscan Pro 23.111.189.3 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

78 Requests

82 %HTTPS

46 %IPv6

28 Domains

36 Subdomains

27 IPs

7 Countries

924 kBTransfer

2662 kBSize

8 Cookies

6 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.majorgeeks.com Open in urlscan Pro
23.111.189.3 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

82 %
HTTPS

46 %
IPv6

28
Domains

36
Subdomains

27
IPs

7
Countries

924 kB
Transfer

2662 kB
Size

8
Cookies

78 HTTP transactions
1 data transactions