Report - app2.mackeeperaff.com/land/189/

Report Overview

Submitted URL
app2.mackeeperaff.com/land/189/
IP
3.225.159.165
ASN
#14618 AMAZON-AES
Submitted
2022-11-09 03:00:54
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.160.97.225
www.linkedin.com	608	2015-06-18T18:10:03Z	2023-03-10T11:11:31Z	602 B	3.1 kB	13.107.42.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	6.2 kB	13 kB	142.250.74.35
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	396 B	45 kB	216.239.34.178
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-10T15:35:05Z	390 B	69 kB	18.165.227.104
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	407 B	17 kB	142.250.74.10
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-10T11:31:10Z	348 B	1.9 kB	23.36.79.17
rp.liadm.com	2705	2017-02-01T21:43:30Z	2023-03-10T14:25:52Z	614 B	629 B	34.233.14.107
cdn.taboola.com	1040	2013-07-20T01:48:03Z	2023-03-10T11:40:01Z	383 B	19 kB	151.101.85.44
static-cdn.mackeeper.com	346539	2015-05-14T23:00:40Z	2023-03-09T23:57:31Z	7.2 kB	192 kB	52.84.93.61
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	496 B	568 B	64.233.165.155
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:42Z	670 B	568 B	216.239.32.36
b.clarity.ms	3462	2021-07-27T14:49:08Z	2023-03-10T14:05:02Z	919 B	580 B	20.75.32.255
c.clarity.ms	803	2021-02-04T00:22:47Z	2023-03-10T09:34:37Z	380 B	630 B	20.234.93.27
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-10T16:21:16Z	2.6 kB	7.1 kB	142.250.74.130
s.yimg.com	375	2012-05-21T00:45:00Z	2023-03-10T13:12:29Z	771 B	7.6 kB	188.125.94.204
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	1.1 kB	1.5 kB	142.250.74.3
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	4.0 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.9 kB	34.160.144.191
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	1.0 kB	28 kB	216.58.207.195
sc.lfeeder.com	17815	2020-09-08T08:51:01Z	2023-03-10T07:13:05Z	388 B	12 kB	18.244.140.17
cdn.linkedin.oribi.io	unknown	2022-10-19T16:36:39Z	2023-03-10T11:40:01Z	1.0 kB	1.0 kB	108.156.28.58
vars.hotjar.com	1014	2020-11-05T11:13:14Z	2023-03-09T18:15:23Z	511 B	1.7 kB	18.244.114.105
trc-events.taboola.com	1779	2020-06-09T15:52:57Z	2023-03-10T11:40:03Z	674 B	370 B	141.226.228.48
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-10T09:34:35Z	2.1 kB	16 kB	204.79.197.200
tr.outbrain.com	2017	2017-04-12T09:58:35Z	2023-03-10T11:40:02Z	1.0 kB	491 B	70.42.32.95
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-10T11:11:31Z	1.0 kB	2.5 kB	13.107.42.14
app2.mackeeperaff.com	unknown	2022-06-14T10:53:06Z	2023-03-10T12:57:31Z	6.6 kB	197 kB	107.22.171.30
widget.trustpilot.com	6018	2017-02-01T20:05:34Z	2023-03-10T15:36:38Z	2.6 kB	11 kB	54.192.137.125
tr-rc.lfeeder.com	unknown	2022-10-20T11:48:08Z	2023-03-10T09:41:35Z	1.1 kB	396 B	52.84.93.55
snap.licdn.com	1044	2014-10-06T10:43:45Z	2023-03-10T10:16:19Z	793 B	1.1 kB	23.36.76.210
amplify.outbrain.com	2255	2017-04-12T09:58:35Z	2023-03-10T11:40:02Z	372 B	3.8 kB	23.38.201.81
b-code.liadm.com	3597	2016-01-19T11:23:52Z	2023-03-10T14:25:46Z	371 B	403 B	18.165.227.85
c.bing.com	247	2012-05-22T12:26:32Z	2023-03-10T08:37:05Z	491 B	795 B	204.79.197.200
www.dwin1.com	4572	2012-06-20T09:16:16Z	2023-03-10T13:02:46Z	363 B	690 B	143.204.176.33
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	984 B	18.165.196.143
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	63 kB	34.120.237.76
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	1.4 kB	2.0 kB	142.250.74.132
vc.hotjar.io	2334	2019-04-16T12:33:25Z	2023-03-10T13:26:50Z	434 B	368 B	13.224.245.122
www.clarity.ms	1404	2018-08-22T09:41:57Z	2023-03-10T09:34:37Z	766 B	56 kB	13.107.246.53
browser.sentry-cdn.com	4393	2018-07-13T13:42:06Z	2023-03-10T12:42:44Z	419 B	52 kB	151.101.194.217
sp.analytics.yahoo.com	816	2014-01-31T21:48:24Z	2023-03-10T05:19:44Z	560 B	948 B	212.82.100.181
trc.taboola.com	602	2012-12-27T12:54:42Z	2023-03-10T09:42:15Z	1.3 kB	1.9 kB	151.101.85.44
t.adcell.com	43380	2018-11-13T19:43:50Z	2023-03-10T11:05:20Z	364 B	22 kB	185.5.82.77
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-10T09:34:35Z	382 B	630 B	13.224.245.61

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-09	medium	mackeeperaff.com	Sinkholed
2022-11-09	medium	mackeeperaff.com	Sinkholed
2022-11-09	medium	mackeeperaff.com	Sinkholed
2022-11-09	medium	mackeeperaff.com	Sinkholed
2022-11-09	medium	mackeeperaff.com	Sinkholed

JavaScript (52)

	URL	Size	First Seen	Last Seen
	app2.mackeeperaff.com/land/189/	405 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 1ce5d5ef780ccbfa3e1195870286b1a7 a5b385180eb58f9f0eea26b4873e5b66d104808c 31f3b31edf9edb5ab7c1bd1aeba3de2ea45a691238492d3b643f6df69deab1a3 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4	1.8 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:18:50 Last Seen2023-03-11 09:18:50 Times Seen1 Hash baa4eedafc6e30ac918e3361430c04e4 b6ea78a1ade77ea256bfd2252e1e8f29208d1c17 7701e40ea6257a52cbb673d6661c428bf4ddcc808cdbb3fe3d788b8da16d92ff Loading...

	static.hotjar.com/c/hotjar-190484.js?sv=7	8.0 kB	2023-03-11	2023-03-11
Pretty URL static.hotjar.com/c/hotjar-190484.js?sv=7 IP 13.224.245.61 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:18:50 Last Seen2023-03-11 09:18:50 Times Seen1 Hash 40a69c4f9bab3d456a681a2fb1cf6259 70bfdca39ad8a3a93818d02e480874c9b879ded5 7fd87c480bdc237842e67084e3ce1bd099f2cfb95dd21ef277cd18ed50e8c37d Loading...

	www.dwin1.com/23738.js	32 kB	2023-03-11	2023-03-11
Pretty URL www.dwin1.com/23738.js IP 143.204.176.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:16:40 Last Seen2023-03-11 09:23:48 Times Seen1 Hash fd2c2e889deef01ddf08b651f1dba57b 5c02034df6529e332fd33d9bc78336b0a6356c87 d1a89bf053b0fc5fff5734afc52c9e5f2918afe15233aa6c4631bc1149479bb3 Loading...

	www.clarity.ms/eus2/s/0.6.43/clarity.js	55 kB	2023-03-08	2023-10-23
Pretty URL www.clarity.ms/eus2/s/0.6.43/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-10-23 15:37:18 Times Seen9 Hash 441723b72633b1ac9757ad7c63168005 806166ca9ebb5839dd90a5e5c9335e3e0b18c169 cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11 Loading...

	app2.mackeeperaff.com/land/189/	699 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 04b294684f6c20245c89a46bcb6245d2 321b532a4969bda37a05bf569229d26507740fc1 22e6130b9d2aa6d60d80b7c6bf137ec4e91479882003576825b5850dba4bd3a0 Loading...

	app2.mackeeperaff.com/land/189/	337 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 0f66a22815105cf476592582734e3647 13e34f98374041596bc9902b0505cfc4e9de3c18 bf4b58838de4f45b23c1176044c580c1dcf856c54dbc6355538823ec72661dc0 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4	1.8 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:18:50 Last Seen2023-03-11 09:18:50 Times Seen1 Hash 2772e696074deb4bb1a298ecf6b0df40 297905a86a208e5174dc96b065357629b4dc9134 e10a0f57a945ca34c4047768eb6bee7cb46f0c317d39514ebd5b4651b89c2c99 Loading...

	vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html	2.3 kB	2023-03-10	2023-03-17
Pretty URL vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html IP 18.244.114.105 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:23:49 Last Seen2023-03-17 21:22:49 Times Seen1 Hash 34086a2f3d61b9a459a6141d1343ece0 ae09be0d58acca43ea80769df13cbbfea21a9ccb f639e1347dd440a977783f03b6524b2deda7b39daa1060b3519c64c337c6ae55 Loading...

	app2.mackeeperaff.com/land/189/	424 B	2023-03-07	2023-03-17
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-17 12:37:55 Times Seen1 Hash 5347533fb6639394ff649eabf0aefb9e 2fc3d90ff47261a234617d7f5cbe2ac38c2461d2 d746c5cfd5b8336e955aeb9a81cfe0f47a3662706dd314a59d088d2c5fcd71dc Loading...

	app2.mackeeperaff.com/land/189/	337 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 79be018914a0e212bc1848239a431074 89038500bbb634bacb30a496456ade639eaa285f 7208041e315929ae918044e6380608c3e19ff9909ce043cc732981fd9d23ce01 Loading...

	snap.licdn.com/li.lms-analytics/insight.beta.min.js	13 kB	2023-03-08	2023-03-13
Pretty URL snap.licdn.com/li.lms-analytics/insight.beta.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:42 Last Seen2023-03-13 04:47:26 Times Seen1 Hash ccebe282ded746fbb6ea21ac6a200a36 75bb7beb33754f5a6fc3bee95674aef319613501 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4	1.8 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:18:51 Last Seen2023-03-11 09:18:51 Times Seen1 Hash b053fe46b7ad57f73bff837f858013b8 e21de9150b968f6546f9724a628e8a83e83030d0 d91a22f8dad379ea6620089bca35ebfcae9a2cbb0868b48fb9d59c2672c76d72 Loading...

	bat.bing.com/p/action/36002432.js	3.5 kB	2023-03-10	2023-03-11
Pretty URL bat.bing.com/p/action/36002432.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:26:25 Last Seen2023-03-11 15:57:29 Times Seen1 Hash bd540e427d128ed1c974c4902f3f31ef 7b803902ee814ee088f484a3b1b4356b6103f424 dbb501d39cab9813cf5fe315f765a139bbb8d4b0b9b8e90fc8692b549963adb3 Loading...

	browser.sentry-cdn.com/5.5.0/bundle.min.js	52 kB	2023-03-07	2024-04-25
Pretty URL browser.sentry-cdn.com/5.5.0/bundle.min.js IP 151.101.194.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2024-04-25 16:34:33 Times Seen261 Hash b1dcc6195d84cf50c3e882d3d515f848 06562c193663a31a3cabeaa18cffeb882084fcb6 8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb Loading...

	static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5	70 kB	2023-03-07	2023-03-17
Pretty URL static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5 IP 52.84.93.61 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:39 Last Seen2023-03-17 12:37:55 Times Seen1 Hash ae9c9df33a1c1fcfb8e94b7c77f9ad66 862dcfc4c4be086765c1bf9bb053e5df98a006e1 ea527b82fe8345a72041925c8c689f3926726f1692e6f24b39201a507880f8eb Loading...

	app2.mackeeperaff.com/land/189/	152 kB	2023-03-08	2023-03-11
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:04:39 Last Seen2023-03-11 15:35:43 Times Seen1 Hash 4a39d65f438e880fe34fc7efaf8e9c83 d4bbc068b1e939e142469c9942b6b436162b04e1 5863e18b549bdf6f8a1a57feed3995ac834b8a024f1246cd40db0ec71b2fa0b2 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL	309 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:18:51 Last Seen2023-03-11 09:18:51 Times Seen1 Hash 5cd39f7084691c93e3a689ad19ad64a3 db9b6ae177d31e414a5aaafa8741b3e1369e6cef bd9fca260789579a2c123d7a3a360376aa7954fd0226115e737c5a34756415d5 Loading...

	app2.mackeeperaff.com/land/189/	482 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 72cde6308f914eb45f4db1d7f4b8c045 dda2360daf3ebfd93cb69e4d4099c4293d55f6d4 583225295b0abdd3b443b9b3c61b13a6e4ee78d6c9924cb35b188be2451c7f9d Loading...

	t.adcell.com/js/trad.js	57 kB	2023-03-07	2024-03-05
Pretty URL t.adcell.com/js/trad.js IP 185.5.82.77 ASN #20546 SOPRADO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2024-03-05 08:59:37 Times Seen218 Hash 56e1a43dcd8cf63a49a930cd5313b724 50bcc06085d9e7bab6849d3710ade4254ce0648a 77e3bdfb73066e1c7ce07b8e91e81b63380a761919fa65049925a0238fbbdd1c Loading...

	www.clarity.ms/tag/uet/36002432	1.9 kB	2023-03-10	2023-03-11
Pretty URL www.clarity.ms/tag/uet/36002432 IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:41:38 Last Seen2023-03-11 15:57:29 Times Seen1 Hash 9770f28401654e5e768494848701e47a edde748cafbabc61a115378117f609c4522a5dff 295e82f0899f6c3ca8584a2790f970836034301f06f7516baab767c162a262f7 Loading...

	connect.facebook.net/signals/config/1593188040964422?v=2.9.89&r=stable	300 kB	2023-03-10	2023-03-11
Pretty URL connect.facebook.net/signals/config/1593188040964422?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:40:03 Last Seen2023-03-11 11:22:45 Times Seen1 Hash 95cc5df9fa12077b2ca26aadb28a2016 d34c7f7d245ce9fb3f0ef48deb82733601a7344c b954832ba1f5f02421e752bb42c5b3bd7887199557f214942ac0c8375e8b1cd0 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 15:43:14 Times Seen37094809 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.204 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4	1.8 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:18:51 Last Seen2023-03-11 09:18:51 Times Seen1 Hash 4db8ac0a5d0c0d24cd7c96ce747aa037 8e0d97cd4a1fe2ce62c029a54798057c6e5c4fd7 27befc947d7c5a99e4b0bf4772f1068802df54fc078275c4c426cbe0629b898c Loading...

	cdn.taboola.com/libtrc/unip/1212352/tfa.js	58 kB	2023-03-10	2023-03-11
Pretty URL cdn.taboola.com/libtrc/unip/1212352/tfa.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:31:45 Last Seen2023-03-11 11:30:22 Times Seen1 Hash b996f2d0f0d0be5d0cba1d1124c39de2 38cc6874e1906e5a690734b3f7791598b41cd04b d9d13bca62bd87ad1e07dfd14c54454efe96af02e316fc6bf3aebb117836e1eb Loading...

	tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949 IP 70.42.32.95 ASN #22075 AS-OUTBRAIN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

	widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js	19 kB	2023-03-07	2023-11-04
Pretty URL widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js IP 54.192.137.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-11-04 14:10:25 Times Seen853 Hash 09f25c4b4cb4f5d5bd2bf7adf3235bc0 dbe22054d87d6ef7127d98ceab7650eaa0f6ed68 f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb Loading...

	app2.mackeeperaff.com/land/189/	588 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash c9d4e5bed7ccc1b03104e2885cf292a3 d2acf0ee9b27f242e70529430ccfd06931ec35df 10206ecb0e2e51bca0336e31650f46fe2e973ad30cf917d95ef0320b9b045237 Loading...

	app2.mackeeperaff.com/land/189/	503 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 841221e1af44bf4cde48359d1083aeee b686d4d0d2c0d88da65327be20abba2a48680c43 4059ef3cc4904376a0bf39a4914976401f93a39c860359f82b1f6f5ae497cad0 Loading...

	sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js	32 kB	2023-03-11	2023-03-11
Pretty URL sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js IP 18.244.140.17 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:16:40 Last Seen2023-03-11 15:15:22 Times Seen1 Hash 77fbab55edf6780776ed0e11584a2d76 24f2346b9ade9b7f312a49cc30cad06632b09b39 757ba9ed9c958fce5599e3288abe3948eca35aed696ee4551dad018c3cff8082 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-07	2023-08-25
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-08-25 07:33:07 Times Seen42 Hash 16911c194f6e9313655f07c4eb9d8737 d39ccfa8c6d785af331afafe9e36336031f41b64 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7 Loading...

	widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js	51 kB	2023-03-08	2023-05-08
Pretty URL widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:05 Last Seen2023-05-08 13:26:07 Times Seen125 Hash 1f166419e912fcb9283121b25418bd81 a0057bb68c35be553f45cdef5f0b444d066622c9 4760bf61bd6fc2e1e83d862478607dd6df56552ab7fa2cc5ac2e5a8f2929c092 Loading...

	amplify.outbrain.com/cp/obtp.js	8.3 kB	2023-03-11	2023-03-11
Pretty URL amplify.outbrain.com/cp/obtp.js IP 23.38.201.81 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:07:59 Last Seen2023-03-11 09:38:54 Times Seen1 Hash eb9bdc49d6df4c975ea1cbf5eccc01ff a6f09e09ce4a66f0af978dbd53ce279f6ab1db7f ff9372e128e5326a2cf226856f559dc712b27775ada536bd6ae4fde9af814d09 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-10	2023-10-31
Pretty URL connect.facebook.net/en_US/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:19:33 Last Seen2023-10-31 18:18:05 Times Seen6 Hash 8938d4fc65afd3422bf533482ca33a53 2d92351d88fc6fd59cdac7d801753ac64ba52277 f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Loading...

	trc.taboola.com/1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.5 kB	2023-03-11	2023-03-11
Pretty URL trc.taboola.com/1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:18:51 Last Seen2023-03-11 09:18:51 Times Seen1 Hash b048e4f8c59bb6a7b89058728483a707 d9f64dbc36e17067ce356e630996e63a96754b73 2919434bbdf231c7a55da1d6b27a523fad39e8192ba19f60afae98fda86db7d0 Loading...

	static-cdn.mackeeper.com/mk-land/dist/189/script.min.js?410f45539e1dbcb98790	39 kB	2023-03-08	2023-03-11
Pretty URL static-cdn.mackeeper.com/mk-land/dist/189/script.min.js?410f45539e1dbcb98790 IP 52.84.93.61 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:04:39 Last Seen2023-03-11 15:35:43 Times Seen1 Hash 7e516217258446374981dd7cbc8dbac2 c5cb7d8828534dc61195281322e86399bf44bfc8 26cd54c0c177640bc5d713eda7b750f1a29d69d5e3cbbbea48a8c049cd065cf9 Loading...

	app2.mackeeperaff.com/land/189/	575 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash fd23ab21ac6df3738f562434dff77b27 d073eb3d67ea4ab2e29e39b946a80a5b5f1267dc 60d237e4e8dd361b8cbd222615bd4864d1192b4b3283672468d2a8aa3bd44334 Loading...

	b-code.liadm.com/a-015g.min.js	31 kB	2023-03-11	2023-03-11
Pretty URL b-code.liadm.com/a-015g.min.js IP 18.165.227.85 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:54:19 Last Seen2023-03-11 15:58:09 Times Seen1 Hash 3170bb5b27a58a91e39884a541badd94 d3ce04c480c6a1f37f2442d5a80613a54a039fba 2416e79ff017348d34458da1fc8812c6fff9aabe3d5c67daacc5580a380fa45d Loading...

	app2.mackeeperaff.com/land/189/	24 B	2023-03-07	2024-02-20
Pretty URL app2.mackeeperaff.com/land/189/ IP 107.22.171.30 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2024-02-20 08:47:34 Times Seen152 Hash d85ccf96a3a02100247cf1aa027b846c 06666b39fd8160daba3c4fb8f3e29cad947a4761 4c544325e83d44ed827db799758a19f902de1ed48bb6fd7f3ad477d32e11c9ba Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	997 B	2023-03-11	2023-03-11
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:16:40 Last Seen2023-03-11 09:52:03 Times Seen1 Hash fe5cbdf5f5ede3cc7089db0e69bda686 55e3e577654165376b46d33b474633eb5b5b91cb 32dc60f0505bcf00bcdff838e34496f9ec99898671d18e042328252936f28e34 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b7601e27c54b8a3553d90d7bf7614ec3	329 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:01 Times Seen5 Hash b7601e27c54b8a3553d90d7bf7614ec3 327ae03fcbf0dde093dab43626487869b13c653c 660661e9c7f0f890974bbbb23472af1bc93f90cba6c90f0ebb9dbcf9cf8355d4 Loading...

	#2 Eval - ce7cbaa2e4e5e3c1fe3059e5271d618e	70 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 13:17:40 Last Seen2023-03-11 15:57:29 Times Seen1 Hash ce7cbaa2e4e5e3c1fe3059e5271d618e 3e15e03eba00402e848b56292ef42a1467bc637a 6716fa795d4a8d25a90c9b338744c944b6c1e971e405b6af5e679157dbfeb8f0 Loading...

	#3 Eval - bd281b78b70f90b05e1dd781a159948f	89 B	2023-03-07	2023-08-03
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-08-03 05:44:53 Times Seen46 Hash bd281b78b70f90b05e1dd781a159948f b3b7b0aff6a60952836d55e2e807841d0323b3ee d5df103b3d6158b5ad05c19ce6f61d6a38c1b9c47f0ce213ac39dccf8a215f2f Loading...

	#4 Eval - 4575cafde558183741fc0c072a59ad7f	69 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:01 Times Seen5 Hash 4575cafde558183741fc0c072a59ad7f ea2c7dc1a2abb19e24723f51efb5adc5a9895b2e a12eb7029f1bb54eb1b2d9bad442cb478d95f413e74f7206f5f06f3782debb35 Loading...

	#5 Eval - a4712fadb1f12a110fcf3f86f75af07c	70 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 13:17:40 Last Seen2023-03-11 15:57:29 Times Seen1 Hash a4712fadb1f12a110fcf3f86f75af07c 08e2139f7bf6e0b8aeb2040e2467ce93dd43d159 bae5787e03e377dc6f167d2fbfe6582a6e3cda914705ffba600ac86468184f4c Loading...

	#6 Eval - 90ab2af2654c8ea9d0510e8bd1ad8d1f	76 B	2023-03-07	2023-08-03
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-08-03 05:44:53 Times Seen46 Hash 90ab2af2654c8ea9d0510e8bd1ad8d1f bd4801ff095e10f0b2f112d7a266d2ba12bf84f3 4ddd51fa56504fe5c4eaf5321c3bfe9c2f58d248208100f0b73fd2479c8be6b0 Loading...

	#7 Eval - 2a2dec42def0227864d275835a7d6a93	69 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:01 Times Seen5 Hash 2a2dec42def0227864d275835a7d6a93 b3c5fe7f6312d7910f7ab4142f5320295e2fe108 63b1c0ecb5b684e67c9fc03d7d624aafa39a6fabd1ffe7108f77e2e9ab11b623 Loading...

	#8 Eval - eddc10ac266c1fe4d363b98cda663e5e	69 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:02 Times Seen5 Hash eddc10ac266c1fe4d363b98cda663e5e c31146f3f1c4009489f59bf05afbeb86ec0e68b9 8da159a87b17690597f668f259e641f30925835c139dc682dbf026f304d898fe Loading...

	#9 Eval - 2846a42891c63bd969cff3992df2d786	70 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 13:17:40 Last Seen2023-03-11 15:57:29 Times Seen1 Hash 2846a42891c63bd969cff3992df2d786 86a7c396e50ab6d60276380549010d2afb6e3f60 18ab2e1c9bbca498e4045e1ebbb88fa29a6f523d583d2bd8fe5ccca3d912fd38 Loading...

	#10 Eval - c776045bc42d964e6a49288af905898d	333 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 13:17:40 Last Seen2023-03-11 15:57:29 Times Seen1 Hash c776045bc42d964e6a49288af905898d 889debeb2f449a7c60676b3e8174b7028af04ed8 aaf74f4b59fd2817e8df50523daba87448c6b44ffaa2fd1e1219f57fd22251c2 Loading...

HTTP Transactions (115)

URL IP Response Size

app2.mackeeperaff.com/land/189/

107.22.171.30

301 Moved Permanently

134 B

URL HTTP/1.1
app2.mackeeperaff.com/land/189/
IP
107.22.171.30:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /land/189/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 09 Nov 2022 03:00:42 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://app2.mackeeperaff.com:443/land/189/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7072
Expires: Wed, 09 Nov 2022 04:58:34 GMT
Date: Wed, 09 Nov 2022 03:00:42 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4621
Cache-Control: max-age=118050
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:42 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:48:12 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 613
Cache-Control: max-age=114042
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:42 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 10:41:24 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8907
Expires: Wed, 09 Nov 2022 05:29:09 GMT
Date: Wed, 09 Nov 2022 03:00:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: sfFJuF4yKWpPorAMM9ArgO7Ag+MlPA/hLjRjYYa4mFXDif4kX2sglvd4aaiMTnab/hS/j8X/vWJi9TGp+JBfrQ==
x-amz-request-id: 2CEWYPV6FVTP96PY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 02:11:33 GMT
age: 2949
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 03:00:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

18.165.196.143

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
18.165.196.143:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
b5602d8a76c4855bd6373325ccde6531
ebbd4ddfc9b609beea7e19191cd72a94a45b40bf
f88d26953f272485b54779bb39f34b040255b6ca322d80dbd36489edd50d72a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146143
Date: Wed, 09 Nov 2022 03:00:43 GMT
Etag: "636aafba-1d7"
Expires: Thu, 10 Nov 2022 19:36:26 GMT
Last-Modified: Tue, 08 Nov 2022 19:36:26 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 936c7ee6d0620cb8a766a50c04b3fa30.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 96uRFnDJBp5rGghlOPR9R8kaIh47EvduGL8l973GipY0mRL8OXk8jg==

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4773
Cache-Control: max-age=113136
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:43 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:26:19 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.160.97.225

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.97.225:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: detAvwOQI2Zb/wKW5JVnHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Esa9CFJ5xZFxaLkpF/sGqOMuJeI=

browser.sentry-cdn.com/5.5.0/bundle.min.js

151.101.194.217

200 OK

52 kB

URL HTTP/2
browser.sentry-cdn.com/5.5.0/bundle.min.js
IP
151.101.194.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (51441)
Size
52 kB (51570 bytes)
Hash
b1dcc6195d84cf50c3e882d3d515f848
06562c193663a31a3cabeaa18cffeb882084fcb6
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb

HTTP Headers

GET /5.5.0/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 11 Nov 2022 05:27:37 GMT
last-modified: Fri, 05 Jul 2019 11:17:04 GMT
etag: W/"39339cf627bc67e34d4c623bea4c0b4a"
content-type: application/javascript; charset=utf-8
x-guploader-response-body-transformations: gunzipped
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 03:00:44 GMT
age: 31354389
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 51570
X-Firefox-Spdy: h2

widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

54.192.137.125

200 OK

6.1 kB

URL HTTP/2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
54.192.137.125:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size
6.1 kB (6124 bytes)
Hash
5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0

HTTP Headers

GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 08 Nov 2022 03:16:31 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: NI6_kVfhevBPN231ZHVj4gHGWIAZ7cGySuWpiGPRv85UOw1Q6-dfDg==
age: 85453
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk-logo-ua.svg

52.84.93.61

200 OK

2.6 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk-logo-ua.svg
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
data
Size
2.6 kB (2616 bytes)
Hash
bfa25d76e247a9c2b2c0e6c40a596e45
4652a7339179f41d8b4a7a2530d22cc5deb1112f
9125610b6411d7018a20032f71af8cfde27b0db27baaf5e8f95beaabdccfeeea

HTTP Headers

GET /mk-land/dist/svg/components/logo/mk-logo-ua.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
x-amz-replication-status: COMPLETED
last-modified: Tue, 19 Apr 2022 14:50:37 GMT
x-amz-version-id: sx6d65Ik.60EPUJCncti20jd8v0DNMRK
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:21:22 GMT
cache-control: public, max-age=604800
etag: W/"0443bcb5ae8253499f7df7f80c45fc8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: O0R_cINmSpztOD_Me4vCjo37uIuMx7NcIo-XfSEdr0BKyeU1BN4ADA==
age: 45574
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/189/trust.webp

52.84.93.61

200 OK

13 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/trust.webp
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
13 kB (12666 bytes)
Hash
b9aa4b0933eeb46267bdaa801d9d9d31
20de1f46aa26051c0e00ce2beff06854f10b6b9f
36967d4492ac9e2ba8477bb87f9c142b6c4d1fb99d476754ec6b3a1ed22b5be1

HTTP Headers

GET /mk-land/dist/images/landings/189/trust.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12666
date: Tue, 08 Nov 2022 07:33:37 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:57 GMT
etag: "b9aa4b0933eeb46267bdaa801d9d9d31"
cache-control: public, max-age=604800
x-amz-version-id: Eb55tjOTkym8AfSzuULPyS103Ex55ZS0
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: sMyOlAspbwVObNb95-U0x7gkgKuSys8FFYPgtK6tqhuYNU0GU39f4w==
age: 70028
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/189/macbook.webp

52.84.93.61

200 OK

128 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/macbook.webp
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
128 kB (128184 bytes)
Hash
81201f3e2a6afd62000e3800b33c1fb8
ce32caf4ab517b121758188972d4954f73161c7c
ebfa9db76ae3bf2b287574ca08c1307b0e2041ebcd503eb070b125524af11bbc

HTTP Headers

GET /mk-land/dist/images/landings/189/macbook.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 128184
date: Fri, 04 Nov 2022 08:12:03 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:19:39 GMT
etag: "81201f3e2a6afd62000e3800b33c1fb8"
cache-control: public, max-age=604800
x-amz-version-id: hx_BbUaaVmPN5X3z_j40GLkYCX1Xbt4P
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: vhtRGfxN-Z4A0bsENosbvC4LmC5Gkx_1SZkCjdG4SIPYSSIKozecGQ==
age: 413322
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/189/btn__arrow_white.webp

52.84.93.61

200 OK

824 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/btn__arrow_white.webp
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
824 B (824 bytes)
Hash
77d57961e87b47e38a8a8ffb6fcf74f9
e6ffedfe0331b0bcba6bdd2d63bf2bf60e1bf15d
a55e792765fd4162fde5cca5e88a8ec6e105b4445a16d9ece7fcd7d19ad00e38

HTTP Headers

GET /mk-land/dist/images/landings/189/btn__arrow_white.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 824
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:58 GMT
x-amz-version-id: 0z0aSTZNANvhhMDenso7XerOxJ73wAwx
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 21:27:30 GMT
cache-control: public, max-age=604800
etag: "77d57961e87b47e38a8a8ffb6fcf74f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: IKRFnxt3wmSnH3RKG6HzQtaM6Sc6sjh6Q9p4LuJ8l8J32bq65XUHkA==
age: 19995
X-Firefox-Spdy: h2

app2.mackeeperaff.com/land/189/

3.225.159.165

200 OK

156 kB

URL HTTP/2
app2.mackeeperaff.com/land/189/
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type
data
Size
156 kB (156341 bytes)
Hash
fd71433d1a427fde69b4871eb9c58abf
c14670e508bb371da114d17a442bf1776375ad49
daf2566cbe370e2db37cd6b8491411a048b37cffcc206b0e3841d519ead3a8bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /land/189/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:43 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src 'self' *.hotjar.com *.mackeeper.com;frame-ancestors 'none';frame-src 'self' 'unsafe-inline' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.surveygizmo.com *.liadm.com *.typeform.com mc.yandex.ru *.js.ad-score.com *.cdn.onesignal.com *.onesignal.com *.criteo.com static-cdn.mackeeper.com;child-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com blob: *.cdn.onesignal.com *.onesignal.com *.liadm.com static-cdn.mackeeper.com;form-action 'self' *.mackeeper.com *.facebook.com;img-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gp *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.nf *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tk *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com data: *.2mdn.net *.pagead2.googlesyndication.com *.glotgrx.com *.lporirxe.com *.exelator.com *.owox.com *.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.yahoo.co.jp *.apimzb-adserver.cloudmccloud.com *.3lift.com *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com mc.yandex.ru cx.atdmt.com *.baidu.com *.gstatstrk.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.zoomsupport.com *.cloudmccloud.com linkconnector.com *.linkconnector.com *.linkedin.com https://p.adsymptotic.com *.clarity.ms *.lfeeder.com static-cdn.mackeeper.com *.imcounting.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com l2.io *.inspectlet.com *.googlesyndication.com *.sagetrc.com *.glotgrx.com *.lporirxe.com b-code.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.cloudfront.net *.yimg.jp *.addtocalendar.com *.yahoo.co.jp blob: *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com *.s.ytimg.com *.typeform.com *.calendly.com *.linkconnector.com mc.yandex.ru *.js.ad-score.com *.baidu.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.engine.4dsply.com *.engine.spotscenered.info *.engine.3dspk.com *.we3red.com *.engine.asadap.com *.engine.nictelroalps.com *.engine.liondigitalserving.com *.engine.addroplet.com *.beritapria.com cdnjs.cloudflare.com *.clickcease.com *.sentry-cdn.com *.criteo.net *.criteo.com https://snpa.licdn.com linkconnector.com *.dwin1.com *.awin1.com *.zenaps.com *.the.sciencebehindecommerce.com *.licdn.com *.liadm.com *.clarity.ms *.adcell.com *.lfeeder.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.a.disquscdn.com *.disqus.com *.googleapis.com *.fonts.gstatic.com *.referrer.disqus.com *.google.com *.google.com.ua *.addtocalendar.com *.surveygizmo.com *.cdn.onesignal.com *.onesignal.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com *.googletagmanager.com;font-src 'self' data: *.doubleclick.net *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com *.surveygizmo.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;object-src *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.pagead2.googlesyndication.com *.liadm.com static-cdn.mackeeper.com;connect-src 'self' *.mackeeper.com *.hotjar.com ws://*.hotjar.com wss://*.hotjar.com *.g.doubleclick.net *.lcidc.liadm.com *.google-analytics.com *.api.ipify.org *.mc.yandex.ru mc.yandex.ru *.data.ad-score.com *.baidu.com *.pushdata.onesignal.com:* *.onesignal.com *.taboola.com *.hotjar.io *.clickcease.com s.yimg.com *.facebook.com *.google.com bat.bing.com sentry.cloudmccloud.com *.liadm.com *.macupdate.com https://api.account.mackeeper.com https://api.account.sz.mackeeper.com https://api-ne.mackeeper.com *.adcell.com *.clarity.ms *.lfeeder.com *.static-cdn.mackeeper.com https://crm.account.mackeeper.com https://chat-crm.account.mackeeper.com static-cdn.mackeeper.com https://cdn.linkedin.oribi.io/
set-cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; expires=Wed, 09-Nov-2022 05:00:43 GMT; Max-Age=7200; path=/; secure; samesite=lax
mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D; expires=Wed, 09-Nov-2022 05:00:43 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
country=NO; expires=Mon, 08-May-2023 03:00:43 GMT; Max-Age=15552000; path=/; domain=.mackeeper.com; secure; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 720a9016ea89cc3a862b620a3af018f7
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/189/icon__sprire_small--mk4.webp

52.84.93.61

200 OK

16 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/icon__sprire_small--mk4.webp
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
16 kB (16320 bytes)
Hash
0b884be13d0553f50656549be0f1a897
e61eb5287b5d0d5520ef29a33f17c3b609dd91f5
801795b8d61b71566232e70d0cee0c0324ff025db66afbc92fefe6ccf2058842

HTTP Headers

GET /mk-land/dist/images/landings/189/icon__sprire_small--mk4.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 16320
date: Fri, 04 Nov 2022 08:12:03 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:56 GMT
etag: "0b884be13d0553f50656549be0f1a897"
cache-control: public, max-age=604800
x-amz-version-id: iN_v_moRcMOgLSmQ4ImRvYNllA5SgFvF
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: 0G2hxnmOOJuAOzu4FyhCteXSTodfBf9wQ0t9CSPu_6SIofDSm5gvCA==
age: 413322
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/189/map.webp

52.84.93.61

200 OK

3.6 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/map.webp
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.6 kB (3608 bytes)
Hash
7ca19b30945465fbde145f3fe1da456f
17497c7ef3d8f621bcc9f7e48c3ac8f518e68b81
d9599529d8221140e8fcb8eba22ad408b12bcd05ef6605777c35058cb3a384cb

HTTP Headers

GET /mk-land/dist/images/landings/189/map.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 3608
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:55 GMT
x-amz-version-id: Iay60t54rw79SZWup66tZBeR0r84lhdh
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 21:27:30 GMT
cache-control: public, max-age=604800
etag: "7ca19b30945465fbde145f3fe1da456f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: yMnfIxDZ3_56XIpV8RDUhzI1QnZ0-xqo27MQiKrW27TkBYHw_II9Kw==
age: 19995
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293

54.192.137.125

200 OK

1.9 kB

URL HTTP/2
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
IP
54.192.137.125:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4945)
Size
1.9 kB (1930 bytes)
Hash
1b1a56d9c9fcf8acab07f238231461df
72d6d8ecdb249b20852dc54d67530d0280515bc1
73b167681ae290cac469afde469076a7f222d5c5d2746122b2eaf5d7b4699e91

HTTP Headers

GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1930
last-modified: Tue, 04 Oct 2022 10:33:40 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 08 Nov 2022 07:47:27 GMT
cache-control: max-age=86400
etag: "1b1a56d9c9fcf8acab07f238231461df"
x-cache: Hit from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: qbh61vAb5w1zw86Hml28PkCHGf0GeTK507JilNBmOOR8TuOlhXlD6w==
age: 69866
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Size
13 kB (13052 bytes)
Hash
7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:26:57 GMT
expires: Thu, 02 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 545627
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

HTTP Headers

GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:26:57 GMT
expires: Thu, 02 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 545627
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto

142.250.74.10

200 OK

16 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (50698)
Size
16 kB (16016 bytes)
Hash
c857b49564d19dd07a7ca94d214026f7
5a2437ed22b1ff2f92a6a0812ae64b1f245fc232
c2702ec65a57a47ad1d6ade69ebde1b978cfccd98e854c061fa000e48ffbfa48

HTTP Headers

GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 03:00:44 GMT
date: Wed, 09 Nov 2022 03:00:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/189/star.webp

52.84.93.61

200 OK

276 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/star.webp
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
276 B (276 bytes)
Hash
2ee49dcad0d956cb8de84883fca4be27
df332994a9b9682c35a8446109b1bf89860d4e61
61edec41e4a76e6a7261e16281a3e0d1f54fef8ee1de89dd9988294cc0729cf5

HTTP Headers

GET /mk-land/dist/images/landings/189/star.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 276
date: Wed, 02 Nov 2022 19:31:02 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:56 GMT
etag: "2ee49dcad0d956cb8de84883fca4be27"
cache-control: public, max-age=604800
x-amz-version-id: .JxM4S4q1B4W9xCj5qPlx_SGVYwXBTbA
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: haTDGwVaeuqTA8xZAexEcG6VzM_Wcn-ztuTYG0j5genGPqUmmxoTaA==
age: 545383
X-Firefox-Spdy: h2

widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US

54.192.137.125

200 OK

390 B

URL HTTP/2
widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US
IP
54.192.137.125:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (881), with no line terminators
Size
390 B (390 bytes)
Hash
8afdfb6a08e70e5bc1fed4d52db5db0d
e837c3953f2c5690bcbf8660dfdb42def6e37566
45bcf8afdd45668e0211172ce973bf8b6bbf1606d5320c7dc5ef928a6e2958fe

HTTP Headers

GET /trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 390
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Wed, 09 Nov 2022 02:34:48 GMT
etag: "1746e3cfce555328a54224efcea5c90a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: XisvsmalaWI78L8pmd8Le61ncmv1mYRTCp5oLLvnnDCKw4LXe8NBgw==
age: 1556
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/189/tools.webp

52.84.93.61

200 OK

18 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/tools.webp
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
18 kB (18068 bytes)
Hash
40d3cc9a4df10afd29214d1112452634
eafa7529926aeed7c50dc38a42b1451ed68a75cb
dab6e51f288ee51c45ccdf41043a7dcfe80b929cbca244c5efd9bab2f69fab1e

HTTP Headers

GET /mk-land/dist/images/landings/189/tools.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 18068
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:17:00 GMT
x-amz-version-id: 1bi_Y_XCTKpnupmEavkD_lejn.sfGW.X
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Nov 2022 03:00:45 GMT
cache-control: public, max-age=604800
etag: "40d3cc9a4df10afd29214d1112452634"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: rPpCNXyE-_gEyahyaUvV_CS7lTiZVzkBCHq7wnQCp3-Wo555LIHcEA==
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive

widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32

54.192.137.125

204 No Content

0 B

URL HTTP/2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32
IP
54.192.137.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 09 Nov 2022 03:00:44 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: Ng2ee6UmL0SYf1dIlwps1pN5thLaABSPdvTv6UdgGFsv9rAHGlkokg==
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5125 bytes)
Hash
e265c87faef55af1d47d72286d93268a
b97207d04eced8e6412f60c3764cdb527cce26d0
bf3f4fc715e107947c5bf3d622fbf9de1f591649a5008d8790a23463aa8703db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5125
x-amzn-requestid: c4f7c3d2-4c43-442e-a477-84a5baf6ff49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM4rXGdcoAMF5zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63683b15-1aec78204d291cfe5061d179;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:54:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZH49PpL-lN1JhCh03uyZJqRLu5vHF1RDMIBKKCvHOaKYdDOASOdUcw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:50 GMT
age: 19014
etag: "b97207d04eced8e6412f60c3764cdb527cce26d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12796 bytes)
Hash
bb3fe96fee7d9da0905d9d565b44fc32
c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee
2b602aa92c61c060a0cfa9b13a7bbbcb65388b91559702c4d509bf199cf30bed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12796
x-amzn-requestid: 31108e5a-3c69-4b62-99ea-1816df71a2aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuDcEzooAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d49-708c32857b683c5a39046202;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hRbYl8z9BgnFvtV-7f14N5JoCSebFBrKB7-seyEJAFPN628ccXDjLw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 07:43:06 GMT
age: 69458
etag: "c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 73963
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7620 bytes)
Hash
b52a8b78f7273b02455e93107edb9633
7a09033d8e92af7e492e5ec41d6d90c473b848f6
b239606b1c37e680536a899808e845ccf270b1eadec03476e0cbfdf9911c149b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7620
x-amzn-requestid: 4938029b-6e40-4549-8404-63ca28e79961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTU_WEQgIAMFU2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acec8-2bda1b015e94c4127df2b052;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:48:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-7W40j1csZhuoQvk_awKDRBjxJukydzyRVHvJNBSBx-AqYJQrUYGg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:26 GMT
age: 17898
etag: "7a09033d8e92af7e492e5ec41d6d90c473b848f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9313 bytes)
Hash
29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 19033
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11723 bytes)
Hash
251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hcOJnYBsbAtMobcAC_q19cCoOChDcKs-oIspAtNKskbYnoSHz2NmEg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
age: 19033
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
7000910ba22a59c03dd710c745cf4c4f
bb8023760f2e66d5f72c9dd2e1191edb9c724dc2
cf3f99eab13e4904b0cd61d5435191e2ee16db4c5fe686da15114ce0ab88cee1

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=225
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive
X-N: S

tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTk2NTkxNjY0My4xNjY3OTYyODQyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTcuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xODkvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJkM2YxZDY0Mjg2NDcyN2UxIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43NzExOTU0MDBlODk0ZTNhLjE2Njc5NjI4NDE5NDMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==

52.84.93.55

200 OK

43 B

URL HTTP/2
tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTk2NTkxNjY0My4xNjY3OTYyODQyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTcuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xODkvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJkM2YxZDY0Mjg2NDcyN2UxIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43NzExOTU0MDBlODk0ZTNhLjE2Njc5NjI4NDE5NDMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
IP
52.84.93.55:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTk2NTkxNjY0My4xNjY3OTYyODQyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTcuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xODkvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJkM2YxZDY0Mjg2NDcyN2UxIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43NzExOTU0MDBlODk0ZTNhLjE2Njc5NjI4NDE5NDMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1
Host: tr-rc.lfeeder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
server: CloudFront
date: Wed, 09 Nov 2022 03:00:45 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: vRpahoE9IAJ-T0X0fNDxn1g9TEJmAODkrsoSHCJ7tNrH5RvV6npVVA==
X-Firefox-Spdy: h2

sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js

18.244.140.17

200 OK

11 kB

URL HTTP/2
sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js
IP
18.244.140.17:0
ASN
#0

File type
ASCII text, with very long lines (31923), with no line terminators
Size
11 kB (10907 bytes)
Hash
763b74af7be42af98af6848a7627c6b1
43fe403b0a5b7ceb1d8f7a5a2e4052b5d7dbc764
b787460dc63f3e791a4a66ef0a05a6e77ddde7c017dbadaf0e1d3a541a1efe16

HTTP Headers

GET /lftracker_v1_ywVkO4XWPeW7Z6Bj.js HTTP/1.1
Host: sc.lfeeder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 07:16:39 GMT
x-amz-version-id: WREyONWh6CViY1vkb7O6LJhSIb1uUUkg
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Nov 2022 02:46:46 GMT
cache-control: max-age=3600
etag: W/"77fbab55edf6780776ed0e11584a2d76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c35168d6765ec616de06013427e871a2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-amz-cf-id: Jb48jgQDAdLh6aOS7LEBqQQ0I-Bwh97xlforQS5wKeipltllmsLc_g==
age: 1154
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png

52.84.93.61

200 OK

407 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
407 B (407 bytes)
Hash
471c1c90d41a571f14162d7a8a9c8b9c
b08dfa2783c706945451a8f4890bdb9243936e78
eb625a455a490292aa2a7101dd7b3235bc4c92df0f08349c6663df51b7b66c27

HTTP Headers

GET /mk-land/dist/images/favicon_ua.png HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 407
date: Fri, 04 Nov 2022 05:04:06 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Apr 2022 09:52:27 GMT
etag: "471c1c90d41a571f14162d7a8a9c8b9c"
cache-control: public, max-age=604800
x-amz-version-id: fOjB1uVWJszrafJRMb0A4UZGtOA62i.I
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: y0jUndevpIF4oDVQWkeR3fqdyidU_CnR3XIbwXdiPz_aMR3yod6FaQ==
age: 424600
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

472 B

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (996)
Size
472 B (472 bytes)
Hash
9c84a489651025d1173e25b763aa9512
f11ffd7fc8aebb12204163c8c7de63e15b7f1a7e
a0690bf498581eb6f63de50ec2aa642fa995a4ff24bdc455aa449472ee21feb8

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 00:42:33 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=78553
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 472
x-cdn: AKAM
X-Firefox-Spdy: h2

amplify.outbrain.com/cp/obtp.js

23.38.201.81

200 OK

3.4 kB

URL HTTP/1.1
amplify.outbrain.com/cp/obtp.js
IP
23.38.201.81:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8312), with no line terminators
Size
3.4 kB (3351 bytes)
Hash
ea9a6e9430d6641a4ef487694eb987dd
bee56e411f593c933bfd53ef4906098963bc3d1e
76d12a1f57dcbb434e6b272abd0f99c18e33218904a8bd7d07165ec801709a88

HTTP Headers

GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "eb9bdc49d6df4c975ea1cbf5eccc01ff:1667915675.222308"
Last-Modified: Tue, 08 Nov 2022 13:52:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Wed, 09 Nov 2022 03:20:45 GMT
Date: Wed, 09 Nov 2022 03:00:45 GMT
Content-Length: 3351
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH

216.239.34.178

200 OK

44 kB

URL HTTP/2
www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH
IP
216.239.34.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43931 bytes)
Hash
c0e5bbabb2894da9f863bd61f92739d4
47ab513a39dc79c5e7d5052f53f6f095e4f423b7
7a1606a32f10bb85726140f91b106d21a92ede265a4d5fe476b461e83f67a362

HTTP Headers

GET /gtm/optimize.js?id=OPT-TVNW4WH HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 03:00:45 GMT
expires: Wed, 09 Nov 2022 03:00:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43931
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rp.liadm.com/j?dtstmp=1667962841927&aid=a-015g&se=e30&duid=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true

34.233.14.107

200 OK

13 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1667962841927&aid=a-015g&se=e30&duid=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true
IP
34.233.14.107:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

HTTP Headers

GET /j?dtstmp=1667962841927&aid=a-015g&se=e30&duid=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:45 GMT
content-type: application/json
content-length: 13
trace-id: 092663d256722b9f
vary: Origin
request-time: 7
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: cd6e1768-99d2-4f37-a240-781543548d71
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4

142.250.74.130

200 OK

862 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1793), with no line terminators
Size
862 B (862 bytes)
Hash
5657427422d675c7d29fede9187fb441
a14c492c96d1be65bac27560ab038f40a08b565b
f291a2abc4fe73ab6e300eed7babb22235cbd4f36c80a632ddda9ac53392ac2a

HTTP Headers

GET /pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 862
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/bat.js

204.79.197.200

200 OK

11 kB

URL HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size
11 kB (11367 bytes)
Hash
293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=0DBDA17E177667E70729B32916836625; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:45 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E22698C1BBE74BA8A3D1B0C18A799B42 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:45Z
date: Wed, 09 Nov 2022 03:00:44 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4869
Cache-Control: max-age=130128
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:09:33 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4

142.250.74.130

200 OK

861 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1793), with no line terminators
Size
861 B (861 bytes)
Hash
c0a3cec4d128b24539eb4cd131b7e4f9
1f393052b841782c20c70329a6d8d4deaf8187a5
c9406e1cf4271b3043eff31d65622a8607f76d1c0eac0b558e16f6f8929accc7

HTTP Headers

GET /pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 861
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app2.mackeeperaff.com/land/api/send-event

3.225.159.165

200 OK

27 kB

URL HTTP/2
app2.mackeeperaff.com/land/api/send-event
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (64251)
Size
27 kB (27440 bytes)
Hash
20a4c2cfb707ad978cc0ec135861ef0d
8aeed3fd70ca122be10d0fb29c6aafbe4548dff6
620cc7ebf1f10b8de7e1e35f5ce8b9fe3a6bdb7d25cccab192a398c4612e7e26

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: xS3VC5SsREgnssvEeAA5BmtuVodBdh646HlvI1tf
X-XSRF-TOKEN: eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ==
Content-Length: 104
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/189/
Cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:45 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 179
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: ec4bcf3def81d4eca19f2633b0796178
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4

142.250.74.130

200 OK

861 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1793), with no line terminators
Size
861 B (861 bytes)
Hash
0867184ca62c6e345c551c253e43144b
c5124f4cea0a1920b4461c1dd54e05c8d5f1fa0d
090f9fd3968dab1eb8bc0d7f43ac9ecd009dfb8970055eddb26144406108a9ba

HTTP Headers

GET /pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 861
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.204

200 OK

5.9 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.204:0
ASN
#10310 YAHOO-1

File type
ASCII text, with very long lines (16553), with no line terminators
Size
5.9 kB (5929 bytes)
Hash
2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: svbxKCYFAvV2ttp4OrbObs/9yi9ksBUUl66eKirdatUZONBQ1V8+sDES6qSu/KBfGtT2XushQVE=
x-amz-request-id: Y5X4TR8PVQS874XV
date: Wed, 09 Nov 2022 02:17:26 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 2600
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1965916643.1667962842&gtm=2oeb70&aip=1

64.233.165.155

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1965916643.1667962842&gtm=2oeb70&aip=1
IP
64.233.165.155:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GYTXD89N1W&cid=1965916643.1667962842&gtm=2oeb70&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W&gtm=2oeb70&_p=1236577353&_gaz=1&cid=1965916643.1667962842&ul=en-us&sr=1280x1024&_s=1&sid=1667962841&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W&gtm=2oeb70&_p=1236577353&_gaz=1&cid=1965916643.1667962842&ul=en-us&sr=1280x1024&_s=1&sid=1667962841&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GYTXD89N1W&gtm=2oeb70&_p=1236577353&_gaz=1&cid=1965916643.1667962842&ul=en-us&sr=1280x1024&_s=1&sid=1667962841&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

app2.mackeeperaff.com/land/api/send-event

3.225.159.165

200 OK

101 B

URL HTTP/2
app2.mackeeperaff.com/land/api/send-event
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type
data
Size
101 B (101 bytes)
Hash
c1bcb881d5ed13078c01ad26966ff42b
6590c3e7e8eb1e5cff6c4fce2a7fbf260a41651c
c53ffaadab7b0d84c829e1271f50681b686ac1a282dccf4831f119486aa33779

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: xS3VC5SsREgnssvEeAA5BmtuVodBdh646HlvI1tf
X-XSRF-TOKEN: eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ==
Content-Length: 102
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/189/
Cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:45 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 179
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 3a539b3b53243a5afc0ab12008db2fd7
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4

142.250.74.130

200 OK

861 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1793), with no line terminators
Size
861 B (861 bytes)
Hash
f96574ce1de1e7766e112762cc672925
f3273ba2cddcc142dd9a309c46df71115b83b724
303a521f16b3288e9054a993c6f1f71c704da2c7940d62438e4c32fe29899584

HTTP Headers

GET /pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 861
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4

142.250.74.132

302 Found

63 B

URL HTTP/2
www.google.com/pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4869
Cache-Control: max-age=130128
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:09:33 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1965916643.1667962842&gtm=2oeb70&aip=1&z=1189976468

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1965916643.1667962842&gtm=2oeb70&aip=1&z=1189976468
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1965916643.1667962842&gtm=2oeb70&aip=1&z=1189976468 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token

108.156.28.58

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
IP
108.156.28.58:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/3865705/domain/app2.mackeeperaff.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://app2.mackeeperaff.com/
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Tue, 08 Nov 2022 07:22:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: _CKQ1SKu7X57lHyEM-Dgji8diUR6vDFAItJZGjJRoygDrapHaRudBQ==
age: 70686
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s.yimg.com/wi/config/10013499.json

188.125.94.204

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10013499.json
IP
188.125.94.204:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10013499.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 9F9T4CFJ1Q8645XF
x-amz-id-2: REjnVUucRhEtP+Zzwewx8mxbvobX0DLWMd7oA4P2/aW6TOad7a8JxEHmOuUyMp9h08rHfTwlaW4=
content-type: application/json
date: Wed, 09 Nov 2022 03:00:45 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/unip/1212352/tfa.js

151.101.85.44

200 OK

18 kB

URL HTTP/2
cdn.taboola.com/libtrc/unip/1212352/tfa.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (58512)
Size
18 kB (17953 bytes)
Hash
4cd1353a06eb05dcb81236aa433f0136
096f9cfee304ae32a14271f399ce8b13f38148da
219af05bdae67b92f84a51c04fdc869ac8fca1e36959b051f07d60481b92b839

HTTP Headers

GET /libtrc/unip/1212352/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: X/DS1YqagttJ1fMd5QGqpHh4CC7HosPYbE8P8X9dc5cl0aGgnsgRCKo2vMFuXU5FD3XAFq7CqHs=
x-amz-request-id: HGBV3YASJWR89C4Q
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Nov 2022 11:06:43 GMT
etag: "b996f2d0f0d0be5d0cba1d1124c39de2"
x-amz-version-id: BP9V5mjwRykTl55M13vQXHW.pmXFZRn0
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 03:00:45 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667962846.721617,VS0,VE215
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 99
content-length: 17953
X-Firefox-Spdy: h2

vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

18.244.114.105

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP
18.244.114.105:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079

HTTP Headers

GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7e7605dff243a25ecb1590c5d7dcc7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P6
x-amz-cf-id: jTLu1lUe3IwGG6Huqodd-ogLVznalJ3nxIO93A_d2QZwCkPRCNkI2A==
age: 398319
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token

108.156.28.58

200 OK

104 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
IP
108.156.28.58:0
ASN
#16509 AMAZON-02

File type
data
Size
104 B (104 bytes)
Hash
f300e2a4e2aa8ab2dbe3727e273fe4dd
5aa7e29e67ba7e1c003ea9902d9e407e9ed1de33
aad40f368d389709abeef0de0ac56af4c39ef25c8a5aa91bc851e6088a4366a6

HTTP Headers

GET /partner/3865705/domain/app2.mackeeperaff.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Wed, 09 Nov 2022 03:00:45 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: RB5qOwrrTnTCWFuIu6sbjxqNQc1C9Ugk3y8qAqMrf09xnMK_VpdBlw==
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=570059

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=570059
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=570059 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2AB152B145A36581136540E644566498; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC47E284E34F48CFA5F46BCED62D8599 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&r=&lt=2283&evt=pageLoad&sv=1&rn=133132

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&r=&lt=2283&evt=pageLoad&sv=1&rn=133132
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&r=&lt=2283&evt=pageLoad&sv=1&rn=133132 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=22D5B3570E2B6F942D1CA1000FDE6EE1; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 014D36F862054877A6CA7C4D5C1BC063 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
X-Firefox-Spdy: h2

tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949

70.42.32.95

200 OK

56 B

URL HTTP/1.1
tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949
IP
70.42.32.95:0
ASN
#22075 AS-OUTBRAIN

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599

HTTP Headers

GET /cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:00:46 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 31033f4b3ad5f43659552b8989006b2a
content-encoding: gzip

bat.bing.com/p/action/36002432.js

204.79.197.200

200 OK

1.4 kB

URL HTTP/2
bat.bing.com/p/action/36002432.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1423 bytes)
Hash
af03844de699f6e7e0ed552f725a22df
10eae56beeacb28641d52a664eccaf4818bad5fe
472f9e0968b39c41aa022478f9d20e01e5131d6bd50451676cefad81427420ac

HTTP Headers

GET /p/action/36002432.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1423
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=358C814A9438606002FC931D95CD617F; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9641FA2E78A144EBAD19C40B718258BA Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
X-Firefox-Spdy: h2

script.hotjar.com/modules.ce71d14bfe39cbc54662.js

18.165.227.104

200 OK

68 kB

URL HTTP/2
script.hotjar.com/modules.ce71d14bfe39cbc54662.js
IP
18.165.227.104:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
68 kB (68393 bytes)
Hash
da0f5482259a7f9bc23abb5a00fd3164
fdd7393befd6e23d003e411f1345648a55e79a3d
654b2c6e204bcbc1cef44fe1822b8abca358b4fb2292e8cd2ae7308201aed86a

HTTP Headers

GET /modules.ce71d14bfe39cbc54662.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68393
date: Tue, 08 Nov 2022 14:40:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "da0f5482259a7f9bc23abb5a00fd3164"
last-modified: Tue, 08 Nov 2022 14:39:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7b5cd9167634df8189bb5a88ba570ee0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
x-amz-cf-id: WwTJLyiX7ufIoEloUR6S2bKE51Jik9NfcCX4u8rj9ZF89f9puM0pWQ==
age: 44440
X-Firefox-Spdy: h2

tr.outbrain.com/unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&obApiVersion=1.1&obtpVersion=1.11.3&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&optOut=false&bust=012572183652419322&referrer=

70.42.32.95

200 OK

60 B

URL HTTP/1.1
tr.outbrain.com/unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&obApiVersion=1.1&obtpVersion=1.11.3&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&optOut=false&bust=012572183652419322&referrer=
IP
70.42.32.95:0
ASN
#22075 AS-OUTBRAIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
60 B (60 bytes)
Hash
fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb

HTTP Headers

GET /unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&obApiVersion=1.1&obtpVersion=1.11.3&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&optOut=false&bust=012572183652419322&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:00:46 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 831ee79f1a5fe4c8c97482739d0b4f0c
content-encoding: gzip

sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2009%20Nov%202022%2003%3A00%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2009%20Nov%202022%2003%3A00%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Wed%2C%2009%20Nov%202022%2003%3A00%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:46 GMT
expires: Wed, 09 Nov 2022 03:00:46 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBN4Xa2MCEF0xHkVb0k5tyC4YORruulkFEgEBAQFpbGN0YwAAAAAA_eMAAA&S=AQAAApaVOrnFdDGLTNy0AwJSG8g; Expires=Thu, 9 Nov 2023 09:00:46 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLxrHstZ7CpsgAAAYRaVTu6Up7M-MqW3tINJkhNCX46W21Hq4JXE7ksib-06BNOCitOpFZzxuvGrQ; Max-Age=2592000; Expires=Fri, 09 Dec 2022 03:00:46 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLc-8bj4IHsZQAAAYRaVTu6mdd9sOfWzInD9awWFNebIvIom2ZsQf1hyor3sY2ClqN62tbLfhqzXIyykjgclg; Max-Age=2592000; Expires=Fri, 09 Dec 2022 03:00:46 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&d838277a-7102-4c94-8737-6deb8de0c45c"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 09-Nov-2023 03:00:46 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2370:u=1:x=1:i=1667962846:t=1668049246:v=2:sig=AQGZuUqux7BDL6iRoR5AS1motyRno-o1"; Expires=Thu, 10 Nov 2022 03:00:46 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXtANzxMCAOBYLFqCNmvA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0EFAA17024B54EA08186C59A02CD1331 Ref B: OSL30EDGE0318 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 0
X-Firefox-Spdy: h2

vc.hotjar.io/sessions/190484?s=0.25&r=0.060100563848200395

13.224.245.122

204 No Content

0 B

URL HTTP/2
vc.hotjar.io/sessions/190484?s=0.25&r=0.060100563848200395
IP
13.224.245.122:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sessions/190484?s=0.25&r=0.060100563848200395 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 09 Nov 2022 03:00:46 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 1d61815344be6df2eace7e0cbeebe716.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: X5qXMtxcZT2Q6tAcBD0uhu0MFpM-NJUbFqPJgAsvjvFV0o2amKoJTQ==
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&b8e745c0-8d77-4cb5-8630-e4030ffb6a32"; Domain=.linkedin.com; Expires=Thu, 09-Nov-2023 03:00:46 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221109030046e99720a9-4181-4523-8378-9dd93b35f732AQFjW1f-1GevvZIUxztjCL2yG94OcGKI"; Domain=.www.linkedin.com; Expires=Thu, 09-Nov-2023 03:00:46 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njc5NjI4NDY7MjswMjFwfOYQox/OzqzzQZtJrPPHnF/Bq0+aprRDHn8fj+JKaA==; Domain=.linkedin.com; Expires=Mon, 08 May 2023 03:00:46 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2413:u=1:x=1:i=1667962846:t=1668049246:v=2:sig=AQHNn04FQx4vS24DiQInrg_CmwN70kg4"; Expires=Thu, 10 Nov 2022 03:00:46 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtANz0cKl30EwRG05bWg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A070469B5207492A97AEEF884623BF25 Ref B: OSL30EDGE0318 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 0
X-Firefox-Spdy: h2

trc.taboola.com/1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i

151.101.85.44

200 OK

1.4 kB

URL HTTP/2
trc.taboola.com/1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2496), with no line terminators
Size
1.4 kB (1384 bytes)
Hash
d2e2f3b7912e54b8b9f493da18ec1855
f94e54b13d244c39b1479b3d19b49c010c226ce3
89622ae875428d03aee1bbec826c6473c59b5ffeceeb5eaaf9a87a68a7828b16

HTTP Headers

GET /1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 03:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667962846.024048,VS0,VE100
vary: Accept-Encoding
x-vcl-time-ms: 100
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.43/clarity.js

13.107.246.53

200 OK

55 kB

URL HTTP/2
www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (55029)
Size
55 kB (55116 bytes)
Hash
441723b72633b1ac9757ad7c63168005
806166ca9ebb5839dd90a5e5c9335e3e0b18c169
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

HTTP Headers

GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8eec314a76b4c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 03hdrYwAAAABeud79ipGLSpXiUub6Mu8uU1ZHMjBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&5f3c7e11-5f2d-46a3-8050-eaeff9191e99"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 09-Nov-2023 03:00:46 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2426:u=1:x=1:i=1667962846:t=1668049246:v=2:sig=AQHZqMqvkGhLuZ-eTGgHMxQ8AqMjfQVX"; Expires=Thu, 10 Nov 2022 03:00:46 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtANz21fp3e2IxFVADvA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F2B2A33393C44FE5A2850E33AF2E68E9 Ref B: OSL30EDGE0318 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1560
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 26379
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0C795A19E9D965A83575484EEDD96B2F; domain=.clarity.ms; expires=Mon, 04-Dec-2023 03:00:47 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 09 Nov 2022 03:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F

204.79.197.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&MUID=0517425A5744629E0A5C500D56B16393
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0517425A5744629E0A5C500D56B16393; domain=c.bing.com; expires=Mon, 04-Dec-2023 03:00:47 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3066A47085C842A8800CA41E1173A5C5 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:47Z
date: Wed, 09 Nov 2022 03:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2

app2.mackeeperaff.com/land/api/send-event

3.225.159.165

200 OK

101 B

URL HTTP/2
app2.mackeeperaff.com/land/api/send-event
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type
data
Size
101 B (101 bytes)
Hash
555e55f825c4975348b5be2b6c986f6a
cb64861260e85bb76d53465a0950d768c2d85de7
4720817ffd9eafc28841689967f2b6e1d982ec907c191cf1ed5955d84785ed12

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: xS3VC5SsREgnssvEeAA5BmtuVodBdh646HlvI1tf
X-XSRF-TOKEN: eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ==
Content-Length: 103
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/189/
Cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D; _gcl_au=1.1.1526450521.1667962842; _ga_GYTXD89N1W=GS1.1.1667962841.1.0.1667962841.60.0.0; _ga=GA1.2.1965916643.1667962842; _li_dcdm_c=.mackeeperaff.com; _lc2_fpi=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax; _lfa=LF1.1.771195400e894e3a.1667962841943; _uetsid=b2c64b905fda11eda8a8e564e8df072b; _uetvid=b2c678805fda11ed99ac8dfb33d1ce28; _gid=GA1.2.107750066.1667962843; _gat_UA-157596782-1=1; ln_or=d; outbrain_cid_fetch=true; _hjSessionUser_190484=eyJpZCI6ImFiMmI0YjNmLWNiYWEtNTJkMy05ZGQ5LTczZjRkYjM2NWFkMCIsImNyZWF0ZWQiOjE2Njc5NjI4NDMwMzcsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_190484=eyJpZCI6IjkxYjEzOTBjLWZlZjctNGFmZS1hMmZkLTBjZThlYWI3NTBiNyIsImNyZWF0ZWQiOjE2Njc5NjI4NDMwOTQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; _fbp=fb.1.1667962843204.1284009442; _clck=na19z2|1|f6f|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:47 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 178
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 24e97b4fff136ea84b3bf67b138df56d
X-Firefox-Spdy: h2

trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1569&scd=49&ssd=1&est=1667962842771&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667962844344&vi=1667962842769&ri=79df6f02a99f43077beabef44af03d84&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1569&scd=49&ssd=1&est=1667962842771&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667962844344&vi=1667962842769&ri=79df6f02a99f43077beabef44af03d84&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1212352/log/3/unip?en=pre_d_eng_tb&tos=1569&scd=49&ssd=1&est=1667962842771&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667962844344&vi=1667962842769&ri=79df6f02a99f43077beabef44af03d84&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 03:00:47 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

t.adcell.com/js/trad.js

185.5.82.77

200 OK

22 kB

URL HTTP/2
t.adcell.com/js/trad.js
IP
185.5.82.77:0
ASN
#20546 SOPRADO GmbH

File type
Unicode text, UTF-8 text, with very long lines (33739), with NEL line terminators
Size
22 kB (21466 bytes)
Hash
203702e78f504e36ea49162300dd7e96
2d347480dfbd9d4c69bcc742e205062f689e5d00
37ee59a07e31b6568a71dbf9a3fdf32d573bb8a43964b0e0859d3bc9a08917dc

HTTP Headers

GET /js/trad.js HTTP/1.1
Host: t.adcell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: myracloud
date: Wed, 09 Nov 2022 03:00:44 GMT
content-type: text/javascript
strict-transport-security: max-age=15768000
content-encoding: gzip
vary: accept-encoding
expires: Wed, 09 Nov 2022 03:13:00 GMT
cache-control: max-age=900
etag: "myra-a01d5c09"
x-cdn: 1
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf

52.84.93.61

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/fonts/MarkOT-Light.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
x-amz-version-id: 0k6awkdioEQDqMMUsMLLZL0d1S0LNdte
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:24:36 GMT
cache-control: public, max-age=604800
etag: W/"48dd0f49a4207634e9062def9074a038"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: T5akbW2KmuQQkwaPDN6EWCuRaoW1IlBncRLV-qfcYlvwpNBtzVH9Iw==
age: 242240
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-190484.js?sv=7

13.224.245.61

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-190484.js?sv=7
IP
13.224.245.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-190484.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 03:00:45 GMT
cache-control: max-age=60
etag: W/40a69c4f9bab3d456a681a2fb1cf6259
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 7654e8d5fbf72d40d262281571df7bae.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: 4CBmCeOIHaP-j-8mibGTxLWuOCAMCJHw_AewloIZmLUHFFKKeWuIrQ==
X-Firefox-Spdy: h2

b-code.liadm.com/a-015g.min.js

18.165.227.85

200 OK

0 B

URL HTTP/2
b-code.liadm.com/a-015g.min.js
IP
18.165.227.85:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /a-015g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 10:44:03 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e3e3d4decb0c87744ac50467217c0106.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
x-amz-cf-id: d1zc-dJXR_sg1LR1m4x8fdr2RaJQXlyoP7qCrmgoEey-3z1WYN8VUQ==
age: 58601
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5

52.84.93.61

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/critical/script.min.js?713042b92e8e26034ff5 HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: PENDING
last-modified: Tue, 01 Nov 2022 14:19:26 GMT
x-amz-version-id: mBt3HOpoZzV_BXxKf5m06Uut_dgFAc_H
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:21:22 GMT
cache-control: public, max-age=604800
etag: W/"ae9c9df33a1c1fcfb8e94b7c77f9ad66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: HYIkEmRXinKNNO-Q_QGKRXDZWHy2eaLxAvs-VlVpBGqmpu_Vmg6kkg==
age: 157735
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b

52.84.93.61

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:18:44 GMT
x-amz-version-id: MqlWLhbTvSNRNbExGkOtw0bKSdtMf3rQ
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Nov 2022 01:04:12 GMT
cache-control: public, max-age=604800
etag: W/"f39243185bab35a6e62fc592e4ee5976"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: nYGGqyIxQlFiH1aBnP_3VThhYYgDZ5iiNVHdqZkG7VRjMdQGDcnxMA==
age: 6993
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/189/script.min.js?410f45539e1dbcb98790

52.84.93.61

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/189/script.min.js?410f45539e1dbcb98790
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/189/script.min.js?410f45539e1dbcb98790 HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 19:07:25 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:19:42 GMT
etag: W/"7e516217258446374981dd7cbc8dbac2"
cache-control: public, max-age=604800
x-amz-version-id: s73Qlchvu6bwh5MmjxIODNWG2jTqcwP_
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: mrGhSQkC34A4JCD5mPhlVMGoUwHrBH7sawfMs27RmA5fh_L3gp70eg==
age: 28400
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Medium.otf

52.84.93.61

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Medium.otf
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/fonts/MarkOT-Medium.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:12 GMT
x-amz-version-id: adnRDSe0awZldw3c8I6M4tTQa_wDyvz_
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:24:36 GMT
cache-control: public, max-age=604800
etag: W/"44a8a536b53be74bb2ebfc4fa3403364"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: AiFp-F42IHtVNoTSrPBZvLlSdbnAsSjs0cM0FBBbf8WSXrd5DxTNmQ==
age: 242240
X-Firefox-Spdy: h2

www.dwin1.com/23738.js

143.204.176.33

200 OK

0 B

URL HTTP/2
www.dwin1.com/23738.js
IP
143.204.176.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /23738.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Nov 2022 11:18:28 GMT
x-amz-version-id: NZ5TUNYFtYHLWMvAias3PTSdk8M2y8HX
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Nov 2022 02:56:38 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"fd2c2e889deef01ddf08b651f1dba57b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e57031b360acd70025578ff666736976.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: 9Eell3ikLDx16qJKUdhLW1dfuUXZXWHW9elSAzgNULWpRddMfsyh_w==
age: 248
X-Firefox-Spdy: h2

www.clarity.ms/tag/uet/36002432

13.107.246.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/uet/36002432
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/uet/36002432 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=b0de90b1476c498c9ddcd532e613c6e4.20221109.20231109; expires=Thu, 09 Nov 2023 03:00:46 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 03hdrYwAAAACFnfeskah3SIv3zrWj0t4QU1ZHMjBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf

52.84.93.61

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf
IP
52.84.93.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/fonts/MarkOT.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
x-amz-version-id: Eju.irxG68JYjYuEi7BGXEsqN0F4MTaA
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:24:37 GMT
cache-control: public, max-age=604800
etag: W/"106ae5fa4d0e51fa73ed42c3beecda5e"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: cNNDgABfuUg7m6y5z9bR-0QmVX3B8NuwwGOXAhPenWx_u3ib8DgDUA==
age: 45368
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.beta.min.js

23.36.76.210

200 OK

0 B

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.beta.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /li.lms-analytics/insight.beta.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 00:42:33 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=78536
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations