urlscan.io logo urlscan.io
SecurityTrails logo

www.majorgeeks.com Open in urlscan Pro
23.111.189.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Submission: On December 25 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 5 countries across 28 domains to perform 79 HTTP transactions. The main IP is 23.111.189.3, located in Tampa, United States and belongs to HVC-AS - HIVELOCITY, Inc., US. The main domain is www.majorgeeks.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 13th 2019. Valid for: 3 months.
This is the only time www.majorgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 23.111.189.3 29802 (HVC-AS)
2 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
4 23.111.189.6 29802 (HVC-AS)
1 143.204.211.232 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.210.248.44 16625 (AKAMAI-AS)
3 143.204.213.153 16509 (AMAZON-02)
1 54.215.238.227 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 216.58.207.66 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 23.210.250.213 16625 (AKAMAI-AS)
1 52.15.219.226 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.104.21.249 63949 (LINODE-AP...)
2 185.33.223.100 29990 (ASN-APPNEXUS)
6 208.100.17.175 32748 (STEADFAST)
1 34.95.120.147 15169 (GOOGLE)
1 52.29.78.64 16509 (AMAZON-02)
1 23.210.249.164 16625 (AKAMAI-AS)
1 18.196.104.43 16509 (AMAZON-02)
1 38.140.99.21 174 (COGENT-174)
1 104.16.68.69 13335 (CLOUDFLAR...)
6 54.76.246.227 16509 (AMAZON-02)
1 2 52.95.123.41 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.16.238.200 16509 (AMAZON-02)
1 172.104.211.45 63949 (LINODE-AP...)
1 23.111.189.12 29802 (HVC-AS)
79 34
10    23.111.189.3 (Tampa, United States)

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: majorgeeks.com
www.majorgeeks.com
2    2600:9000:2057:1200:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cdn.thisiswaldo.com
2    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
9    2606:4700:20::681a:a30 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
img.gamedistribution.com
4    23.111.189.6 (Tampa, United States)

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: dev.majorgeeks.com
ra.majorgeeks.com
1    143.204.211.232 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-211-232.fra53.r.cloudfront.net
cdn-images.mailchimp.com
5    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
4    23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
3    143.204.213.153 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-213-153.fra53.r.cloudfront.net
c.amazon-adsystem.com
1    54.215.238.227 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-215-238-227.us-west-1.compute.amazonaws.com
ipfind.co
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
4    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com
z.moatads.com
1    52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
thisiswaldo.com
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    172.104.21.249 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1840-249.members.linode.com
bidder.rtk.io
2    185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    208.100.17.175 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip175.208-100-17.static.steadfastdns.net
ssc.33across.com
1    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
the-eighth-d.openx.net
1    52.29.78.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    38.140.99.21 (Wellsville, United States)

ASN174 (COGENT-174 - Cogent Communications, US)
lockerdome.com
1    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
6    54.76.246.227 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
g2.gumgum.com
2    52.95.123.41 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
aax-eu.amazon-adsystem.com
2    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    52.16.238.200 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-238-200.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    172.104.211.45 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1917-45.members.linode.com
sync.rtk.io
1    23.111.189.12 (Tampa, United States)

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: files2.majorgeeks.com
files2.majorgeeks.com
Domain Requested by
10 www.majorgeeks.com 1 redirects www.majorgeeks.com
www.googletagservices.com
9 img.gamedistribution.com www.majorgeeks.com
6 g2.gumgum.com cdn.thisiswaldo.com
6 ssc.33across.com cdn.thisiswaldo.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
4 ra.majorgeeks.com www.majorgeeks.com
ra.majorgeeks.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 c.amazon-adsystem.com www.majorgeeks.com
c.amazon-adsystem.com
3 s7.addthis.com www.majorgeeks.com
s7.addthis.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 ib.adnxs.com cdn.thisiswaldo.com
2 www.google-analytics.com 1 redirects www.majorgeeks.com
2 pagead2.googlesyndication.com www.majorgeeks.com
pagead2.googlesyndication.com
2 www.googletagservices.com www.majorgeeks.com
pagead2.googlesyndication.com
2 cdn.thisiswaldo.com www.majorgeeks.com
cdn.thisiswaldo.com
1 files2.majorgeeks.com www.majorgeeks.com
1 sync.rtk.io cdn.thisiswaldo.com
1 match.adsrvr.org cdn.thisiswaldo.com
1 dmx.districtm.io cdn.thisiswaldo.com
1 lockerdome.com cdn.thisiswaldo.com
1 hb.emxdgt.com cdn.thisiswaldo.com
1 as-sec.casalemedia.com cdn.thisiswaldo.com
1 btlr.sharethrough.com cdn.thisiswaldo.com
1 the-eighth-d.openx.net cdn.thisiswaldo.com
1 bidder.rtk.io cdn.thisiswaldo.com
1 stats.g.doubleclick.net www.majorgeeks.com
1 v1.addthisedge.com s7.addthis.com
1 thisiswaldo.com cdn.thisiswaldo.com
1 z.moatads.com s7.addthis.com
1 www.facebook.com www.majorgeeks.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 ipfind.co cdn.thisiswaldo.com
1 ajax.googleapis.com www.majorgeeks.com
1 cdn-images.mailchimp.com www.majorgeeks.com
79 36
Subject Issuer Validity Valid
majorgeeks.com
Let's Encrypt Authority X3		 2019-12-13 -
2020-03-12		 3 months crt.sh
cdn.thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2019-06-16 -
2020-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
gamedistribution.com
CloudFlare Inc ECC CA-2		 2019-02-11 -
2020-02-11		 a year crt.sh
ra.majorgeeks.com
Let's Encrypt Authority X3		 2019-12-25 -
2020-03-24		 3 months crt.sh
cdn-images.mailchimp.com
Amazon		 2019-07-26 -
2020-08-26		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
ipfind.co
Amazon		 2019-03-31 -
2020-04-30		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
moatads.com
DigiCert ECC Secure Server CA		 2018-11-10 -
2020-02-09		 a year crt.sh
thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2018-09-19 -
2020-11-18		 2 years crt.sh
*.rtk.io
COMODO RSA Domain Validation Secure Server CA		 2017-03-16 -
2020-03-25		 3 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.sharethrough.com
Amazon		 2019-10-07 -
2020-11-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2019-07-17 -
2020-07-17		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2019-09-27 -
2020-11-26		 a year crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.gumgum.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2019-09-18 -
2020-08-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh

This page contains 8 frames:

Frame: http://files2.majorgeeks.com/f07228856dcd9b73e5fea2e882ad16c057fe5990/system/msicuu2.exe
Frame ID: 25268DAF329C8CA2F2351EA3528886EF
Requests: 72 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Frame ID: 2CB905D7E0123679051DD0A5A3468747
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 745D1536EBA3DA911AB1AAE5EBE1C2C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2227363089&adf=136958058&w=1070&fwrn=4&lmt=1577296215&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1070x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&flash=0&wgl=1&adsid=NT&dt=1577296215647&bpp=23&bdt=567&fdt=119&idt=120&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=4470085947968&frm=20&pv=2&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&ga_fc=0&iag=0&icsg=548579552&dssz=29&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=1583&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C21065274&oid=3&pvsid=3935275090832517&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Lpxr8yeJNJ&p=https%3A//www.majorgeeks.com&dtd=131
Frame ID: 8D129D81F4C05089E9BD103E2EAFBBA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1577296215&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1577296215715&bpp=5&bdt=635&fdt=90&idt=91&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1070x200&nras=1&correlator=4470085947968&frm=20&pv=1&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&ga_fc=0&iag=0&icsg=137987533024&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C21065274&oid=3&pvsid=3935275090832517&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
Frame ID: 8F6D37681E303E4DEC15DD03D308C8FA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Frame ID: 4B008A740248B3A98126D1E19A42C468
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: C2F4CE7B3EE097007E4D0521CB7FEEE7
Requests: 1 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: C46C682FCCC11EDF5232967E5C20674F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

79
Requests

99 %
HTTPS

32 %
IPv6

28
Domains

36
Subdomains

34
IPs

5
Countries

1657 kB
Transfer

3178 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1955273056&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ul=en-us&de=UTF-8&dt=Download%20Windows%20Installer%20CleanUp%20Utility%207.2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=841338029&gjid=187090075&cid=1342597165.1577296216&tid=UA-956038-1&_gid=337615967.1577296216&_r=1&z=1564543341 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1342597165.1577296216&jid=841338029&_gid=337615967.1577296216&gjid=187090075&_v=j79&z=1564543341
Request Chain 65
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Request Chain 76
  • https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=ihohjag7rigkmquiei5702n470 HTTP 302
  • http://files2.majorgeeks.com/f07228856dcd9b73e5fea2e882ad16c057fe5990/system/msicuu2.exe

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set windows_installer_cleanup_utility,1.html
www.majorgeeks.com/mg/getmirror/ 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
8ac4484ea0c199348a8fee81963f89d5c886f5b900110fc40b1649e23606ca3d

Request headers

Host
www.majorgeeks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

Date
Wed, 25 Dec 2019 17:51:47 GMT
Server
Apache/2.4.10 (Debian)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=ihohjag7rigkmquiei5702n470; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6907
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
jquery.js
www.majorgeeks.com/core/javaload/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/core/javaload/jquery.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:47 GMT
Content-Encoding
gzip
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
33760
index.php
www.majorgeeks.com/ 		47 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/index.php?ct=core&action=css&id=2
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:48 GMT
Content-Encoding
gzip
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
4663
4107.js
cdn.thisiswaldo.com/static/js/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/static/js/4107.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1200:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
78cd8a8dfe1568a3cfa6fbe03c98e58ec4626d988a8b0d79438b66d3e49b1160

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 15:37:05 GMT
content-encoding
gzip
last-modified
Mon, 16 Dec 2019 15:15:24 GMT
server
Apache/2.4.7 (Ubuntu)
age
7990
etag
"9ebf-599d3ae47208e-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
8937
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id
C8cqyKoDdhMnkaoaXsZ5vk5H4hutgH6yWv5eS_FssS5eG95PFSRP4A==
gpt.js
www.googletagservices.com/tag/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"377 / 467 of 1000 / last-modified: 1576520981"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15827
x-xss-protection
0
expires
Wed, 25 Dec 2019 17:50:15 GMT
christmas.gif
www.majorgeeks.com/images/logos/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/images/logos/christmas.gif
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
4c8c279bc5162b8e42db4b4752c60eb81ac73d62f454c2799f1761481640a0c8

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:48 GMT
Last-Modified
Sun, 12 May 2013 04:27:53 GMT
Server
Apache/2.4.10 (Debian)
ETag
"4797-4dc7dd2d46440"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
18327
click_here.gif
www.majorgeeks.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/images/click_here.gif
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:48 GMT
Last-Modified
Wed, 08 May 2013 03:02:26 GMT
Server
Apache/2.4.10 (Debian)
ETag
"5c4-4dc2c29df1480"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1476
red_icon_18x17px.png
www.majorgeeks.com/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/images/icons/red_icon_18x17px.png
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:48 GMT
Last-Modified
Wed, 08 May 2013 03:03:35 GMT
Server
Apache/2.4.10 (Debian)
ETag
"57a-4dc2c2dfbefc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1402
eb0a65ba546641998d4d3210091793ec-512x384.jpeg
img.gamedistribution.com/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/eb0a65ba546641998d4d3210091793ec-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb313de54e7585070fadcf9681479805839381837125300498e3e82a5882a04b

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2UojGeuTgxoqdJZLHVsFCD9PidFaGPVNsL0c5E5azA7M1b31_0-kFanfHq1afISs4J_kz2QJfOdHNSIutt9SSDJxYimIQg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
75102
cf-ray
54aca8034e60cba0-VIE
last-modified
Tue, 10 Dec 2019 15:19:26 GMT
server
cloudflare
etag
"dafd690da7b6a65977e112fa14695fd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=WH2MBg==, md5=2v1pDae2pll34RL6FGlf1w==
x-goog-generation
1575991166562591
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
75102
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
6fc726e37edc48c3b586f34adfc8aaab-512x384.jpeg
img.gamedistribution.com/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/6fc726e37edc48c3b586f34adfc8aaab-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc79942c812080078422c4fd2b073942086ec5aaf0a764ffc36c96c9a9675d1a

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2UqIRPgvbuqpb3rFqXXkzXi4IqW-WWzciEbXjC-2OPcRpC5t5N70vVwZwkySoheRb3s6gGNJaPCyqq7HW9QY6klV88fwR_kLP_IniOYKzAi5SgoDguU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
60327
cf-ray
54aca8034e67cba0-VIE
last-modified
Sun, 15 Dec 2019 14:17:18 GMT
server
cloudflare
etag
"5cbfca634504b2ef76fe81b931578de1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=D3L66w==, md5=XL/KY0UEsu92/oG5MVeN4Q==
x-goog-generation
1576419438297984
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
60327
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
24ee58d1f7414de5b61f145341c7cfaa-512x512.jpeg
img.gamedistribution.com/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/24ee58d1f7414de5b61f145341c7cfaa-512x512.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b4b615fde1ca1608528ae267185703127c12e4d0d5b32684ea07ef13414672

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
1517
status
200
x-guploader-uploadid
AEnB2UpC-yBkVrhTiJEuLAkcbjPXPBjYJT-FllYZgUpuJF61jb22EaP36wEBVGDVXiCMZOt3JW_QTIok6Fr6FCKmWav2T7KMng
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
27101
cf-ray
54aca8034e63cba0-VIE
last-modified
Fri, 13 Dec 2019 05:07:16 GMT
server
cloudflare
etag
"2a3d21e72494fac8ce9cef9043b1b262"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=egQ8gA==, md5=Kj0h5ySU+sjOnO+QQ7GyYg==
x-goog-generation
1576213636780348
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
27101
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 18:24:58 GMT
bd64b14f79bd47188f9acb4d3786ee86-512x384.jpeg
img.gamedistribution.com/ 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/bd64b14f79bd47188f9acb4d3786ee86-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d25d97f80de3540f1089b9057b1b54b698c0cc0d8bb3a54f2d506b08841ff3c

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2UrcaEpMeKnawcXN7bWQ9eYVbGdgVQ_suXw3Bf69-bXVZaXoObwHTE9tReO-X2C1hUvQqldZvRy5dGiTIdXJfEoUX_gPVwjyo6lsl3QiBqc6JfDjhJU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
192601
cf-ray
54aca8034e5fcba0-VIE
last-modified
Thu, 12 Dec 2019 14:39:01 GMT
server
cloudflare
etag
"f0621d5fd93cffe9d9ec1ec3e7854061"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=3v+D1g==, md5=8GIdX9k8/+nZ7B7D54VAYQ==
x-goog-generation
1576161541527540
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
192601
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
b11b4d5c532248a8896345d14de9d089-512x384.jpeg
img.gamedistribution.com/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/b11b4d5c532248a8896345d14de9d089-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51de4e0999a25a2f729633f287a3d7cb238b1fbca391f487900dfa56dfe9026f

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2Up3RLnrWcWIDtNASRQ8Ek_4FSnVTAF5yrnVJ0OOzKAlMo1G9Mo4S61zw4VQodpDb2eewnBzEJHmJ51k5nvADC7696Q1HvKw-TTwKufFki6Rzl0lnIo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
106950
cf-ray
54aca8034e64cba0-VIE
last-modified
Tue, 10 Dec 2019 18:43:06 GMT
server
cloudflare
etag
"f09b04eabab79953b5ddc42cbc3e4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=lhDFoQ==, md5=8JsE6rq3mVO13cQsvD5NWg==
x-goog-generation
1576003386768385
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
106950
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
1587c23efe0d4c1e8fc69d22429af8fd-512x384.jpeg
img.gamedistribution.com/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/1587c23efe0d4c1e8fc69d22429af8fd-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
23425e5512f64adb740c10c2a3723fb6bceb165417e5622123cd42104f5d3d84

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2Uq345_PLtIIZLYMOncsPGyJSRbOOF9NVAKQBC4K2arOvQB32QTxhwm4JvOGxsnc1r8iDoCRnH8iL9Uw9rbornVJBItSvw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
166213
cf-ray
54aca8034e5ccba0-VIE
last-modified
Thu, 21 Nov 2019 12:48:42 GMT
server
cloudflare
etag
"40519a9eb27229c05d051b1d8f9a8711"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=XoMixw==, md5=QFGanrJyKcBdBRsdj5qHEQ==
x-goog-generation
1574340522250041
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
166213
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
1ab15ae75aaa4817b5a25d78d473344f-512x384.jpeg
img.gamedistribution.com/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/1ab15ae75aaa4817b5a25d78d473344f-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf90ca21914c9d32a2702ed62e6e3bc395f69f6d77e3a075ee9a580ce603553

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2UpNUG6rtxEc-OKJofe2g00XU_aTBWfutA6YoD8oMlz_zToNHkvVacsuieI6YMhzszmH0Dm5g5fi6jR1Sa_LguiGh6evYdUkWoNrutjn50Qy4oF-Y0M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
80023
cf-ray
54aca8034e5acba0-VIE
last-modified
Sun, 01 Dec 2019 14:24:28 GMT
server
cloudflare
etag
"3bb1aaec0e8028e1257e3ef35bd512b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=UeYGEQ==, md5=O7Gq7A6AKOElfj7zW9UStQ==
x-goog-generation
1575210268491305
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
80023
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
70e909699e6b4f21978261f2764eadb5-512x384.jpeg
img.gamedistribution.com/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/70e909699e6b4f21978261f2764eadb5-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c85ad84deef889b1fe29dd29960d99be4d44f1cb97fdd4b9a8e5f4daf5bf643

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2UqFR5FuuUqlye8xkSnq3Dc0r0AJKBwDmYLAS5tNgCZc4biCrE58V84VP1FpkDXoyPBy9j6WCNbZbGcQ8RE97OeN54rqvA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
70603
cf-ray
54aca8034e61cba0-VIE
last-modified
Mon, 02 Dec 2019 13:40:54 GMT
server
cloudflare
etag
"acb2b22689edc8f997c5cf822fe3a455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=JK7xCA==, md5=rLKyJontyPmXxc+CL+OkVQ==
x-goog-generation
1575294054528730
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
70603
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
08163ea04d194377b4f7aa044145b5c5-512x384.jpeg
img.gamedistribution.com/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamedistribution.com/08163ea04d194377b4f7aa044145b5c5-512x384.jpeg
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a30 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d10e75a80548e8a1067ccd6955890381609899ff9d07c93791dfee4fa5f64e

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
cf-cache-status
HIT
age
3418
status
200
x-guploader-uploadid
AEnB2UrIXW4hegrBSf-BuhpBYBPCd2RcDXTIvwDu12rE9WVAzauyqUB5W9urJqCj44WKOQMBdEgdxccx_9Qhg6Kuyf6UUusRWwC9JHvY3oNHwtTcseixszA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
86635
cf-ray
54aca8034e5ecba0-VIE
last-modified
Fri, 29 Nov 2019 21:29:48 GMT
server
cloudflare
etag
"6887ff0c81cfdc909427aea84146c9b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=V7ZgNQ==, md5=aIf/DIHP3JCUJ66oQUbJsA==
x-goog-generation
1575062988520500
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=43200
x-goog-stored-content-length
86635
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Dec 2019 17:53:17 GMT
asyncjs.php
ra.majorgeeks.com/www/delivery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ra.majorgeeks.com/www/delivery/asyncjs.php
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:48 GMT
Server
Apache/2.4.10 (Debian)
ETag
e1ae6e2743255c6dac1aff6e1e0dbfb4
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Keep-Alive
timeout=5, max=100
Expire
Wed, 25 Dec 2019 18:51:48 GMT
advertisement.js
www.majorgeeks.com/b/ 		45 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.majorgeeks.com/b/advertisement.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:48 GMT
Last-Modified
Sat, 29 Apr 2017 07:29:37 GMT
Server
Apache/2.4.10 (Debian)
ETag
"2d-54e4926fdaee0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
45
horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.232 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-232.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 08:48:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Dec 2015 16:21:55 GMT
Server
AmazonS3
Age
79424
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
X-Amz-Cf-Id
-8692LeMDO1yPLnBftd6p6JHkZn2k-YfeDSDR5zb3vvFqLsWSatBOw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		104 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37933
x-xss-protection
0
server
cafe
etag
2924851815849280674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Dec 2019 17:50:15 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 02:46:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486230
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Dec 2020 02:46:25 GMT
index.php
www.majorgeeks.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/index.php?ct=core&action=tasks
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:48 GMT
Content-Disposition
attachment; filename="index.png"
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
2808
Server
Apache/2.4.10 (Debian)
Content-Type
image/png
addthis_widget.js
s7.addthis.com/js/300/ 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 19:35:04 GMT
server
nginx/1.15.8
etag
"5db9e5e8-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Wed, 25 Dec 2019 17:50:15 GMT
x-host
s7.addthis.com
content-length
114924
prebid.js
cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/ 		231 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1200:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
a991d1bb704de602ce13555140a4c00814d95669523f47668a271e036cb161e0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 06:26:18 GMT
content-encoding
gzip
last-modified
Wed, 13 Nov 2019 19:28:48 GMT
server
Apache/2.4.7 (Ubuntu)
age
41037
etag
"39dcd-5973f5fb6abfa-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
pqxQL6A10eJ3K9-64i1BUeNWizGW-abLcFsvLr3gioR70sS1PviVOw==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
apstag.js
c.amazon-adsystem.com/aax2/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
Server /
Resource Hash
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 16:30:19 GMT
content-encoding
gzip
server
Server
age
4796
etag
6bed68e25cc35021d570267b56047ef8
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
SMhEbHMofOyZpsMuYvokKpjVdpFvP5RAnGxlU8AIimWfK6ZskvGm1Q==
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
me
ipfind.co/ 		330 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.238.227 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-215-238-227.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
912266e215c417bdb190876543311a59e488bcc38899908465904b54f418e13d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
server
Apache/2.4.18 (Ubuntu)
status
200
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.majorgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
330
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.majorgeeks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.majorgeeks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Wed, 25 Dec 2019 17:50:15 GMT
page.php
www.facebook.com/plugins/ Frame 2CB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmajorgeeksdotcom%2F&tabs=timeline&width=402&height=255&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=117729275063662
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
wibraD6z/WsKvUc7YybQ6k6DBqrqJQ/GPuy9BX/wlOZajqrkVvVxLHrOC3JUGCsnZIcsbbfswvoqvPZwiqnUkQ==
date
Wed, 25 Dec 2019 17:50:15 GMT
alt-svc
h3-24=":443"; ma=3600
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ 		225 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
86385
x-xss-protection
0
server
cafe
etag
4513681422076315165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 25 Dec 2019 17:50:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 745D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 19 Dec 2019 17:33:14 GMT
expires
Thu, 02 Jan 2020 17:33:14 GMT
content-type
text/html; charset=UTF-8
etag
13309989325511048345
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6574
x-xss-protection
0
cache-control
public, max-age=1209600
age
519421
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4598
date
Wed, 25 Dec 2019 16:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 25 Dec 2019 18:33:37 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:50:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:13:52 GMT
Server
AmazonS3
x-amz-request-id
FBAF69B7861DE212
ETag
"f14b4e1f799b14f798a195f43cf58376"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=49856
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
948
x-amz-id-2
mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=
new-impression
thisiswaldo.com/ 		1 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thisiswaldo.com/new-impression
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/4107.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.27
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 25 Dec 2019 17:50:16 GMT
X-Content-Type-Options
nosniff
Server
Apache/2.4.7 (Ubuntu)
X-Powered-By
PHP/5.5.9-1ubuntu4.27
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
Expires
Sun, 19 Nov 1978 05:00:00 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/majorgeeks/ 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/majorgeeks/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
11643704c9f40fe7459ad5323df878594de93259b3397adf70a0a99127396037

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
surrogate-key
majorgeeks
server
Jetty(9.4.8.v20180619)
etag
1927055077--gzip
vary
Accept-Encoding
cache-tag
majorgeeks
status
200
cache-control
public, max-age=30, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
750
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1955273056&t=pageview&_s=1&dl=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ul=en-us&de=UTF-...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1342597165.1577296216&jid=841338029&_gid=337615967.1577296216&gjid=187090075&_v=j79&z=1564543341
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1342597165.1577296216&jid=841338029&_gid=337615967.1577296216&gjid=187090075&_v=j79&z=1564543341
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 25 Dec 2019 17:50:15 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-956038-1&cid=1342597165.1577296216&jid=841338029&_gid=337615967.1577296216&gjid=187090075&_v=j79&z=1564543341
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
415
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com

Response headers

date
Wed, 25 Dec 2019 10:42:10 GMT
content-encoding
gzip
vary
Origin
age
25686
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 01 Nov 2019 13:46:13 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
QhOhYTNMRdBGh5t6GNJtbXc2_0t0ZUIiFWPQzMrZXY9xG2wfKyENaQ==
ads
googleads.g.doubleclick.net/pagead/ Frame 8D12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2227363089&adf=136958058&w=1070&fwrn=4&lmt=1577296215&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1070x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&flash=0&wgl=1&adsid=NT&dt=1577296215647&bpp=23&bdt=567&fdt=119&idt=120&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=4470085947968&frm=20&pv=2&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&ga_fc=0&iag=0&icsg=548579552&dssz=29&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=1583&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C21065274&oid=3&pvsid=3935275090832517&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Lpxr8yeJNJ&p=https%3A//www.majorgeeks.com&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6960825562757852&output=html&h=200&slotname=6756421832&adk=2227363089&adf=136958058&w=1070&fwrn=4&lmt=1577296215&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1070x200&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&flash=0&wgl=1&adsid=NT&dt=1577296215647&bpp=23&bdt=567&fdt=119&idt=120&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&correlator=4470085947968&frm=20&pv=2&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&ga_fc=0&iag=0&icsg=548579552&dssz=29&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=1583&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C21065274&oid=3&pvsid=3935275090832517&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Lpxr8yeJNJ&p=https%3A//www.majorgeeks.com&dtd=131
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 25 Dec 2019 17:50:16 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 25-Dec-2019 18:05:15 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 25 Dec 2019 17:50:16 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Wed, 25 Dec 2019 17:50:15 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8F6D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1577296215&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1577296215715&bpp=5&bdt=635&fdt=90&idt=91&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1070x200&nras=1&correlator=4470085947968&frm=20&pv=1&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&ga_fc=0&iag=0&icsg=137987533024&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C21065274&oid=3&pvsid=3935275090832517&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6960825562757852&output=html&adk=1812271804&adf=3025194257&lmt=1577296215&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1577296215715&bpp=5&bdt=635&fdt=90&idt=91&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1070x200&nras=1&correlator=4470085947968&frm=20&pv=1&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&ga_fc=0&iag=0&icsg=137987533024&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C21065274&oid=3&pvsid=3935275090832517&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 25 Dec 2019 17:50:15 GMT
server
cafe
content-length
450
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 25-Dec-2019 18:05:15 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 25 Dec 2019 17:50:15 GMT
cache-control
private
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 25 Dec 2019 17:50:15 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
bid
c.amazon-adsystem.com/e/dtb/ 		99 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&pid=iMG24i8ZXSX9Z&cb=0&ws=1600x1200&v=7.45.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks160x600FX_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks300x250FL_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FS_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22124067137%2Fmajorgeeks728x90FL_2%22%7D%5D&cfgv=0&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
Server /
Resource Hash
2010678b589818b8347daf9ce515f75bc763def8c43e2c446be9ba66f50f5500

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA53-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-id
ZqvJWK2Kry_VaCRWMO_GsbYtlkXySKcci1vt6lVlh51KJxoNIJiv9A==
aardvark
bidder.rtk.io/IS9K/UzG9_Mc23_eu2l_7t7C_47W7_VPjY_ZUmA/ 		951 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.rtk.io/IS9K/UzG9_Mc23_eu2l_7t7C_47W7_VPjY_ZUmA/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&w=1600&h=1200&UzG9=272f5933aa140f&Mc23=3e4ebd407303ca&eu2l=4b3e40a4bf40c8&7t7C=5f113d54c38415&47W7=64d2fb21fb098b&VPjY=79347f45ef79a&ZUmA=8acfb02e526576&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.104.21.249 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1840-249.members.linode.com
Software
RTK AdStorm/1.0 /
Resource Hash
56bbc03cca3e8eee5c40ad242ac0bb81a5b4995b66d91ec54ddd3103313a8b81

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 17:50:16 GMT
Content-Encoding
gzip
Server
RTK AdStorm/1.0
Etag
"2b6bf41c7340ddb2dbbe58385d06b8b50172a9ec"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Rtk-Nid
li697-125.members.linode.com:111
Access-Control-Allow-Headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
Content-Length
260
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		21 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 17:50:18 GMT
X-Proxy-Origin
89.34.96.84; 89.34.96.84; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid
70e277ab-a4ab-40a6-a4e3-93f949c9dfb1
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
21
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		118 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
/ 33Across
Resource Hash
4661adb27357a858718933e5b7c7740e14afea0a4272572fd333fea20cdc8d60

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		118 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
/ 33Across
Resource Hash
f62001d9b81b68b57873459cd4c4409dcb3ae82a0238d5681672cf1d981e848d

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
/ 33Across
Resource Hash
ef02e7783f20108845b3d4412eeec8dd628dc540b58e5aa3eb47d12cd735448e

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		118 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
/ 33Across
Resource Hash
356594a2f3ec3fe64f55c52e55b969c9bcb0c34887a97efe6106e0011b80bfeb

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		118 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
/ 33Across
Resource Hash
7f236a6bb981e6206f26f97fffa0a6efbf4b33fde76365762828791b7b41aba9

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
/ 33Across
Resource Hash
d76af0e9cd4c22c19c58949690708c7993a66382da20ab9e2a334486d4f183c3

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
arj
the-eighth-d.openx.net/w/1.0/ 		173 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=50e658b3-0d00-43e6-8f53-1220dbfd71b3%2C5cc64fab-ec27-4e2f-bd17-1dd2db5acf1a%2C2a067057-3615-4fce-9841-9e6fbb9af014%2C6d311483-cfc1-455e-bbf4-2c583524b0f7%2C57f7f762-5a96-4fcc-8b82-9a4a57a53d3a%2Ceb3ddd70-cc52-4d3a-9d49-3a8eb61fb7bf&nocache=1577296216093&pubcid=0ec774d3-feea-4c11-8dbc-574f180d11ef&schain=1.0%2C1!newormedia.com%2C4107%2C1%2C%2C%2C&aus=160x600%7C160x600%7C300x250%7C728x90%7C728x90%7C728x90%2C970x90&divIds=waldo-tag-4129%2Cwaldo-tag-4131%2Cwaldo-tag-4133%2Cwaldo-tag-4135%2Cwaldo-tag-4137%2Cwaldo-tag-4165&auid=540714821%2C540714823%2C540714825%2C540714827%2C540714833%2C540717872&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.173.0 /
Resource Hash
a32481c3738f6bedd0623ddfebb73100ad41d2543a34c4603356f8a235d5fa5b

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
server
OXGW/16.173.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=cieTjdBGLSvp48HND2uY1F4y&bidId=3198b7875512ca6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.39.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%224107%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 25 Dec 2019 17:50:16 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.majorgeeks.com
vary
Origin
cygnus
as-sec.casalemedia.com/ 		25 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=296675&v=7.2&r=%7B%22id%22%3A%2232351c0246fd87b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2233702547bb1d28e%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296675%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%2234fcfd877389c01%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296667%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2235f44b64f127c4d%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296681%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22361e28b02d3caf9%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296685%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22378438b8dcb6326%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296677%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%223890c1ea15a35f9%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22296678%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1798d8c0e4562358981fcca8f44688d7a2602346680c2c156a097a6bea5830da

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 17:50:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 25 Dec 2019 17:50:16 GMT
/
hb.emxdgt.com/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1577296216094&src=pbjs
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 25 Dec 2019 17:50:15 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
prebid
lockerdome.com/ladbid/ 		11 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
38.140.99.21 Wellsville, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 25 Dec 2019 17:50:16 GMT
Content-Encoding
gzip
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
31
v1
dmx.districtm.io/b/ 		0
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.majorgeeks.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
54aca806f8bdce73-LHR
access-control-allow-headers
origin, content-type
imp
g2.gumgum.com/hbid/ 		123 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=28364&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b626f30a094c9c9007f4fa2d4acc90c62c4b91ab0ed6549bb3c26a6e65ae2f4c

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=28364&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77627d480988a66139786e7849096145e391aaa484863555476f8f3f0e6db484

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=28363&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f78139ba1e1929db004b63af9e142c92680fa1d3c20b4f134c54bfa7b45ae69d

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=28367&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a1265ea20f0ee7339adce99af46de008e969ba7e083d868bf0241dee04f9b6ac

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=28367&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8a3ddf332d287eeb76ca1ba3a5f4de986e8c81b21e9ec39a6dfea587e2d118b1

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=28367&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
23f3608dd9c7d1098ffe5511293ac8d40a1234f12b8d3870026431a1e052f717

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		21 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 17:50:18 GMT
X-Proxy-Origin
89.34.96.84; 89.34.96.84; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid
0a08f912-268c-4891-8283-1bfa95b68c74
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
21
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
asyncspc.php
ra.majorgeeks.com/www/delivery/ 		909 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ra.majorgeeks.com/www/delivery/asyncspc.php?zones=4&prefix=revive-0-&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html
Requested by
Host: ra.majorgeeks.com
URL: https://ra.majorgeeks.com/www/delivery/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
25f369d5efda5bbbda16f4798adb79f05e975fecb88124e9244084a923274e83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 17:51:48 GMT
Server
Apache/2.4.10 (Debian)
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://www.majorgeeks.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=99
Expires
0
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 4B00
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Accept-Encoding
gzip, deflate, br
Cookie
ad-id=Aypl7FWPUURBr6jnTD9PDMQ|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html

Response headers

Server
Server
Date
Wed, 25 Dec 2019 17:50:16 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
182
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=Aypl7FWPUURBr6jnTD9PDMQ; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 17:50:16 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 17:50:16 GMT; Path=/; HttpOnly
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Wed, 25 Dec 2019 17:50:16 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t
Set-Cookie
ad-id=Aypl7FWPUURBr6jnTD9PDMQ|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 17:50:16 GMT; Path=/; HttpOnly
Vary
User-Agent
d4db4f381cea0e53fae0dbbfa4dfba6d.png
ra.majorgeeks.com/www/images/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ra.majorgeeks.com/www/images/d4db4f381cea0e53fae0dbbfa4dfba6d.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:49 GMT
Last-Modified
Wed, 27 Feb 2019 19:03:04 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9150-582e4d2c8d220"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
37200
lg.php
ra.majorgeeks.com/www/delivery/ 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ra.majorgeeks.com/www/delivery/lg.php?bannerid=52&campaignid=3&zoneid=4&OACBLOCK=86400&OASCCAP=3&loc=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&cb=9c552493b4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.6 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
dev.majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 17:51:49 GMT
Server
Apache/2.4.10 (Debian)
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=5, max=97
Expires
0
143.3d8bb49f121080f7c65c.js
s7.addthis.com/static/ 		625 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-271"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 25 Dec 2019 17:50:16 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
404
ads
securepubads.g.doubleclick.net/gampad/ 		189 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3935275090832517&correlator=1573366989837394&output=ldjh&impl=fifs&adsid=NT&eid=21063048%2C21063635&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191225&iu_parts=124067137%2Cmajorgeeks160x600FX_1%2Cmajorgeeks160x600FX_2%2Cmajorgeeks300x250FL_1%2Cmajorgeeks728x90FL_1%2Cmajorgeeks728x90FS_2%2Cmajorgeeks728x90FL_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=160x600%2C160x600%2C300x250%2C728x90%2C728x90%2C728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1577296216&dt=1577296216880&dlt=1577296215080&idt=656&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C461&adys=-9%2C-9%2C-9%2C-9%2C-9%2C64&adks=3895788400%2C2195804879%2C1630318685%2C2017226068%2C2774819944%2C3108622128&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&dssz=32&icsg=2207800525024&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1212x90&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1212x90&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&fws=2%2C2%2C2%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
d0c26cd44bffd85a0aca8bd955b497477dc6b7377bca773972c2225121a9f1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com

Response headers

date
Wed, 25 Dec 2019 17:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
53536
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 17:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Wed, 25 Dec 2019 17:50:16 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3935275090832517&correlator=1573366989837394&output=ldjh&impl=fifs&adsid=NT&eid=21063048%2C21063635&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191225&iu_parts=8491498%2Cmajorgeeks160x600FX_1_Universal_Passback_5cb3376be0b33%2Cmajorgeeks160x600FX_2_Universal_Passback_5cb3376f45d33%2Cmajorgeeks300x250FL_1_Universal_Passback_5cb337727b556%2Cmajorgeeks728x90FL_1_Universal_Passback_5cb3377766824%2Cmajorgeeks728x90FS_2_Universal_Passback_5cb3377cf1db9%2Cmajorgeeks728x90FL_2_Universal_Passback_5cb61bcb694de%2Cmajorgeeks_videounit&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=160x600%2C160x600%2C728x90%2C728x90%2C728x90%2C728x90%2C566x387&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1577296216&dt=1577296216895&dlt=1577296215080&idt=656&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2169956885%2C685569949%2C1742432971%2C2207290719%2C756038641%2C3694277495%2C2025061566&ucis=7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.majorgeeks.com%2Fmg%2Fgetmirror%2Fwindows_installer_cleanup_utility%2C1.html&dssz=33&icsg=11003893547232&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1342597165.1577296216&ga_sid=1577296216&ga_hid=1955273056&fws=2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
436ca5c2aeda40957b61c5109ff056ce85965132cbfe719e3d5a98639c7bd1d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com

Response headers

date
Wed, 25 Dec 2019 17:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11040
x-xss-protection
0
google-lineitem-id
4831861873,4831861873,4832611826,4832611826,4832611826,4832611826,5058670500
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138247610707,138247611058,138287316575,138287634223,138287316983,138287634514,138269533439
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.majorgeeks.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C2F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 25 Dec 2019 13:09:24 GMT
expires
Thu, 24 Dec 2020 13:09:24 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
16853
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=9zrfwmk&fmt=json
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.238.200 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-16-238-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5665acaebae5da8932f4dee02fb87e87c61aeea6b1341675145852e68e2b6fcf

Request headers

Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Origin
https://www.majorgeeks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Dec 2019 17:50:20 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.majorgeeks.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 24 Jan 2020 17:50:20 GMT
Cookie set cs
sync.rtk.io/ Frame C46C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.rtk.io/cs
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.104.211.45 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1917-45.members.linode.com
Software
RTK CookiePixel/v1.1.0 /
Resource Hash

Request headers

Host
sync.rtk.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html

Response headers

Date
Wed, 25 Dec 2019 17:50:20 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
Server
RTK CookiePixel/v1.1.0
Set-Cookie
rtkuuid=675b07be-e007-4217-b013-6cf199305e1d; Path=/; Domain=rtk.io; Expires=Tue, 24 Mar 2020 17:50:20 GMT
X-Rtk-Nid
li1037-230.members.linode.com:8002
Content-Encoding
gzip
msicuu2.exe
files2.majorgeeks.com/f07228856dcd9b73e5fea2e882ad16c057fe5990/system/
Redirect Chain
  • https://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=ihohjag7rigkmquiei5702n470
  • http://files2.majorgeeks.com/f07228856dcd9b73e5fea2e882ad16c057fe5990/system/msicuu2.exe
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://files2.majorgeeks.com/f07228856dcd9b73e5fea2e882ad16c057fe5990/system/msicuu2.exe
Requested by
Host: www.majorgeeks.com
URL: https://www.majorgeeks.com/mg/getmirror/windows_installer_cleanup_utility,1.html
Protocol
HTTP/1.1
Server
23.111.189.12 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
files2.majorgeeks.com
Software
lighttpd/1.4.35 /
Resource Hash

Request headers

Host
files2.majorgeeks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
_ga=GA1.2.1342597165.1577296216; _gid=GA1.2.337615967.1577296216; _gat=1; __gads=ID=7286cbae9ffa368d:T=1577296216:S=ALNI_MY5m3hC0JoCcINUfkMGhOyk4nnacg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/x-msdos-program
Accept-Ranges
bytes
ETag
"4006929078"
Last-Modified
Thu, 01 Oct 2009 18:30:20 GMT
Content-Length
359656
Date
Wed, 25 Dec 2019 17:55:40 GMT
Server
lighttpd/1.4.35

Redirect headers

Date
Wed, 25 Dec 2019 17:51:53 GMT
Server
Apache/2.4.10 (Debian)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
location
http://files2.majorgeeks.com/f07228856dcd9b73e5fea2e882ad16c057fe5990/system/msicuu2.exe
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
fanclose.png
www.majorgeeks.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.majorgeeks.com/images/fanclose.png
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.189.3 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS
majorgeeks.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705

Request headers

Referer
https://www.majorgeeks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 17:51:58 GMT
Last-Modified
Wed, 28 May 2014 03:41:52 GMT
Server
Apache/2.4.10 (Debian)
ETag
"18af-4fa6d97ccc000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6319

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery number| refEn number| tagsInitDone object| gptAdSlots string| adDomain object| breakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| allAdUnits object| blockAdsOn string| pubwiseSiteId number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoRestrictIp number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone function| adDomainCheck function| waldoInitScripts number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners object| amazonAdUnits function| waldoDisplayPassbacksBlockedPages function| waldoGetUserData function| waldoLoadPassback function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression object| waldo function| fetchHeaderBids function| waldoInitCmp function| hb_sroll_pause function| hb_refresh function| waldoAddCloseBtn function| waldoPassbackInit function| waldoInterstitialInit function| waldoInitTags function| hbRefreshBid function| hbRandomMinMaxRefresh function| getRandomNumber function| waldoGeoBidsCheck object| apstag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| pbjsChunk object| __core-js_shared__ object| _clrm object| adsbygoogle number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars string| GoogleAnalyticsObject function| ga function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto number| index object| addthis_share object| addthis_config boolean| google_noFetch number| __google_ad_urls_id object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| __@@##MUH object| _atw object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

9 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.majorgeeks.com/ Name: waldo-pbjs-pubCommonId
Value: 0ec774d3-feea-4c11-8dbc-574f180d11ef
www.majorgeeks.com/ Name: PHPSESSID
Value: ihohjag7rigkmquiei5702n470
www.majorgeeks.com/ Name: __atuvc
Value: 1%7C52
.majorgeeks.com/ Name: _gid
Value: GA1.2.337615967.1577296216
www.majorgeeks.com/ Name: __atuvs
Value: 5e03a1572fd50b25000
.majorgeeks.com/ Name: _gat
Value: 1
www.majorgeeks.com/ Name: popup_user_login
Value: yes
.majorgeeks.com/ Name: _ga
Value: GA1.2.1342597165.1577296216

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
as-sec.casalemedia.com
bidder.rtk.io
btlr.sharethrough.com
c.amazon-adsystem.com
cdn-images.mailchimp.com
cdn.thisiswaldo.com
dmx.districtm.io
files2.majorgeeks.com
g2.gumgum.com
googleads.g.doubleclick.net
hb.emxdgt.com
ib.adnxs.com
img.gamedistribution.com
ipfind.co
lockerdome.com
match.adsrvr.org
pagead2.googlesyndication.com
ra.majorgeeks.com
s7.addthis.com
securepubads.g.doubleclick.net
ssc.33across.com
stats.g.doubleclick.net
sync.rtk.io
the-eighth-d.openx.net
thisiswaldo.com
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.majorgeeks.com
z.moatads.com
104.16.68.69
143.204.211.232
143.204.213.153
172.104.21.249
172.104.211.45
18.196.104.43
185.33.223.100
208.100.17.175
216.58.207.66
23.111.189.12
23.111.189.3
23.111.189.6
23.210.248.44
23.210.249.164
23.210.250.213
2600:9000:2057:1200:4:164e:ca00:93a1
2606:4700:20::681a:a30
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:815::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2002
2a00:1450:4001:825::2002
2a00:1450:400c:c04::9a
2a03:2880:f11c:8183:face:b00c:0:25de
34.95.120.147
38.140.99.21
52.15.219.226
52.16.238.200
52.29.78.64
52.95.123.41
54.215.238.227
54.76.246.227
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082e604c6d0948c178109103044b0b9d2b28ff6bc0e723330f3375711c44d699
095970f804a0dc514d244d3e18465c6ecb6fd717fbfa2de3a2a585c517d54705
0c85ad84deef889b1fe29dd29960d99be4d44f1cb97fdd4b9a8e5f4daf5bf643
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9
11643704c9f40fe7459ad5323df878594de93259b3397adf70a0a99127396037
1798d8c0e4562358981fcca8f44688d7a2602346680c2c156a097a6bea5830da
2010678b589818b8347daf9ce515f75bc763def8c43e2c446be9ba66f50f5500
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23425e5512f64adb740c10c2a3723fb6bceb165417e5622123cd42104f5d3d84
23f3608dd9c7d1098ffe5511293ac8d40a1234f12b8d3870026431a1e052f717
25f369d5efda5bbbda16f4798adb79f05e975fecb88124e9244084a923274e83
2c0653b4c3d5ca71a98a886c6347f142abc38307c2b9a2eed1979a4eb8b14beb
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
356594a2f3ec3fe64f55c52e55b969c9bcb0c34887a97efe6106e0011b80bfeb
35d10e75a80548e8a1067ccd6955890381609899ff9d07c93791dfee4fa5f64e
436ca5c2aeda40957b61c5109ff056ce85965132cbfe719e3d5a98639c7bd1d9
4661adb27357a858718933e5b7c7740e14afea0a4272572fd333fea20cdc8d60
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
4c8c279bc5162b8e42db4b4752c60eb81ac73d62f454c2799f1761481640a0c8
4cf90ca21914c9d32a2702ed62e6e3bc395f69f6d77e3a075ee9a580ce603553
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51de4e0999a25a2f729633f287a3d7cb238b1fbca391f487900dfa56dfe9026f
5665acaebae5da8932f4dee02fb87e87c61aeea6b1341675145852e68e2b6fcf
56bbc03cca3e8eee5c40ad242ac0bb81a5b4995b66d91ec54ddd3103313a8b81
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d195f38cc8525698d3f4155709ad064113caeea3c4c704e3feb7087499487d
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d25d97f80de3540f1089b9057b1b54b698c0cc0d8bb3a54f2d506b08841ff3c
77627d480988a66139786e7849096145e391aaa484863555476f8f3f0e6db484
78cd8a8dfe1568a3cfa6fbe03c98e58ec4626d988a8b0d79438b66d3e49b1160
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
7f236a6bb981e6206f26f97fffa0a6efbf4b33fde76365762828791b7b41aba9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
88b4b615fde1ca1608528ae267185703127c12e4d0d5b32684ea07ef13414672
8a3ddf332d287eeb76ca1ba3a5f4de986e8c81b21e9ec39a6dfea587e2d118b1
8ac4484ea0c199348a8fee81963f89d5c886f5b900110fc40b1649e23606ca3d
912266e215c417bdb190876543311a59e488bcc38899908465904b54f418e13d
9bcc41c7bb4443b38b0d32d8987d7a3450755b759702ba82d3c62a40ef5791e6
a1265ea20f0ee7339adce99af46de008e969ba7e083d868bf0241dee04f9b6ac
a32481c3738f6bedd0623ddfebb73100ad41d2543a34c4603356f8a235d5fa5b
a991d1bb704de602ce13555140a4c00814d95669523f47668a271e036cb161e0
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
b626f30a094c9c9007f4fa2d4acc90c62c4b91ab0ed6549bb3c26a6e65ae2f4c
d0c26cd44bffd85a0aca8bd955b497477dc6b7377bca773972c2225121a9f1ff
d76af0e9cd4c22c19c58949690708c7993a66382da20ab9e2a334486d4f183c3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71eacf7d0cb50af6e66dc841392af2ba1ffff13334ce5a279c58c8ab9e567a8
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef02e7783f20108845b3d4412eeec8dd628dc540b58e5aa3eb47d12cd735448e
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
f4317770af474af05a521a845a863eb2543b9fe47b1cc928e2b78aed2c975a86
f62001d9b81b68b57873459cd4c4409dcb3ae82a0238d5681672cf1d981e848d
f78139ba1e1929db004b63af9e142c92680fa1d3c20b4f134c54bfa7b45ae69d
fb313de54e7585070fadcf9681479805839381837125300498e3e82a5882a04b
fc79942c812080078422c4fd2b073942086ec5aaf0a764ffc36c96c9a9675d1a