app2.mackeeperaff.com/land/189/
107.22.171.30301 Moved Permanently 134 B URL HTTP/1.1 app2.mackeeperaff.com/land/189/
IP 107.22.171.30:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert quad9 Sinkholed
GET /land/189/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 09 Nov 2022 03:00:42 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://app2.mackeeperaff.com:443/land/189/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7072
Expires: Wed, 09 Nov 2022 04:58:34 GMT
Date: Wed, 09 Nov 2022 03:00:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4621
Cache-Control: max-age=118050
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:42 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:48:12 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 613
Cache-Control: max-age=114042
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:42 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 10:41:24 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8907
Expires: Wed, 09 Nov 2022 05:29:09 GMT
Date: Wed, 09 Nov 2022 03:00:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sfFJuF4yKWpPorAMM9ArgO7Ag+MlPA/hLjRjYYa4mFXDif4kX2sglvd4aaiMTnab/hS/j8X/vWJi9TGp+JBfrQ==
x-amz-request-id: 2CEWYPV6FVTP96PY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 02:11:33 GMT
age: 2949
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 03:00:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.143200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.143:0
Hash b5602d8a76c4855bd6373325ccde6531
ebbd4ddfc9b609beea7e19191cd72a94a45b40bf
f88d26953f272485b54779bb39f34b040255b6ca322d80dbd36489edd50d72a3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146143
Date: Wed, 09 Nov 2022 03:00:43 GMT
Etag: "636aafba-1d7"
Expires: Thu, 10 Nov 2022 19:36:26 GMT
Last-Modified: Tue, 08 Nov 2022 19:36:26 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 936c7ee6d0620cb8a766a50c04b3fa30.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 96uRFnDJBp5rGghlOPR9R8kaIh47EvduGL8l973GipY0mRL8OXk8jg==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4773
Cache-Control: max-age=113136
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:43 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:26:19 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: detAvwOQI2Zb/wKW5JVnHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Esa9CFJ5xZFxaLkpF/sGqOMuJeI=
browser.sentry-cdn.com/5.5.0/bundle.min.js
151.101.194.217200 OK 52 kB URL HTTP/2 browser.sentry-cdn.com/5.5.0/bundle.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (51441)
Hash b1dcc6195d84cf50c3e882d3d515f848
06562c193663a31a3cabeaa18cffeb882084fcb6
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb
GET /5.5.0/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 11 Nov 2022 05:27:37 GMT
last-modified: Fri, 05 Jul 2019 11:17:04 GMT
etag: W/"39339cf627bc67e34d4c623bea4c0b4a"
content-type: application/javascript; charset=utf-8
x-guploader-response-body-transformations: gunzipped
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 03:00:44 GMT
age: 31354389
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 51570
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
54.192.137.125200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 54.192.137.125:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 08 Nov 2022 03:16:31 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: NI6_kVfhevBPN231ZHVj4gHGWIAZ7cGySuWpiGPRv85UOw1Q6-dfDg==
age: 85453
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk-logo-ua.svg
52.84.93.61200 OK 2.6 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk-logo-ua.svg
IP 52.84.93.61:0
Hash bfa25d76e247a9c2b2c0e6c40a596e45
4652a7339179f41d8b4a7a2530d22cc5deb1112f
9125610b6411d7018a20032f71af8cfde27b0db27baaf5e8f95beaabdccfeeea
GET /mk-land/dist/svg/components/logo/mk-logo-ua.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
x-amz-replication-status: COMPLETED
last-modified: Tue, 19 Apr 2022 14:50:37 GMT
x-amz-version-id: sx6d65Ik.60EPUJCncti20jd8v0DNMRK
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:21:22 GMT
cache-control: public, max-age=604800
etag: W/"0443bcb5ae8253499f7df7f80c45fc8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: O0R_cINmSpztOD_Me4vCjo37uIuMx7NcIo-XfSEdr0BKyeU1BN4ADA==
age: 45574
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/trust.webp
52.84.93.61200 OK 13 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/189/trust.webp
IP 52.84.93.61:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b9aa4b0933eeb46267bdaa801d9d9d31
20de1f46aa26051c0e00ce2beff06854f10b6b9f
36967d4492ac9e2ba8477bb87f9c142b6c4d1fb99d476754ec6b3a1ed22b5be1
GET /mk-land/dist/images/landings/189/trust.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12666
date: Tue, 08 Nov 2022 07:33:37 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:57 GMT
etag: "b9aa4b0933eeb46267bdaa801d9d9d31"
cache-control: public, max-age=604800
x-amz-version-id: Eb55tjOTkym8AfSzuULPyS103Ex55ZS0
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: sMyOlAspbwVObNb95-U0x7gkgKuSys8FFYPgtK6tqhuYNU0GU39f4w==
age: 70028
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/macbook.webp
52.84.93.61200 OK 128 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/189/macbook.webp
IP 52.84.93.61:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 128 kB (128184 bytes)
Hash 81201f3e2a6afd62000e3800b33c1fb8
ce32caf4ab517b121758188972d4954f73161c7c
ebfa9db76ae3bf2b287574ca08c1307b0e2041ebcd503eb070b125524af11bbc
GET /mk-land/dist/images/landings/189/macbook.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 128184
date: Fri, 04 Nov 2022 08:12:03 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:19:39 GMT
etag: "81201f3e2a6afd62000e3800b33c1fb8"
cache-control: public, max-age=604800
x-amz-version-id: hx_BbUaaVmPN5X3z_j40GLkYCX1Xbt4P
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: vhtRGfxN-Z4A0bsENosbvC4LmC5Gkx_1SZkCjdG4SIPYSSIKozecGQ==
age: 413322
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/btn__arrow_white.webp
52.84.93.61200 OK 824 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/189/btn__arrow_white.webp
IP 52.84.93.61:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 77d57961e87b47e38a8a8ffb6fcf74f9
e6ffedfe0331b0bcba6bdd2d63bf2bf60e1bf15d
a55e792765fd4162fde5cca5e88a8ec6e105b4445a16d9ece7fcd7d19ad00e38
GET /mk-land/dist/images/landings/189/btn__arrow_white.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 824
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:58 GMT
x-amz-version-id: 0z0aSTZNANvhhMDenso7XerOxJ73wAwx
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 21:27:30 GMT
cache-control: public, max-age=604800
etag: "77d57961e87b47e38a8a8ffb6fcf74f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: IKRFnxt3wmSnH3RKG6HzQtaM6Sc6sjh6Q9p4LuJ8l8J32bq65XUHkA==
age: 19995
X-Firefox-Spdy: h2
app2.mackeeperaff.com/land/189/
3.225.159.165200 OK 156 kB URL HTTP/2 app2.mackeeperaff.com/land/189/
IP 3.225.159.165:0
Size 156 kB (156341 bytes)
Hash fd71433d1a427fde69b4871eb9c58abf
c14670e508bb371da114d17a442bf1776375ad49
daf2566cbe370e2db37cd6b8491411a048b37cffcc206b0e3841d519ead3a8bb
Analyzer Verdict Alert quad9 Sinkholed
GET /land/189/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:43 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src 'self' *.hotjar.com *.mackeeper.com;frame-ancestors 'none';frame-src 'self' 'unsafe-inline' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.surveygizmo.com *.liadm.com *.typeform.com mc.yandex.ru *.js.ad-score.com *.cdn.onesignal.com *.onesignal.com *.criteo.com static-cdn.mackeeper.com;child-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com blob: *.cdn.onesignal.com *.onesignal.com *.liadm.com static-cdn.mackeeper.com;form-action 'self' *.mackeeper.com *.facebook.com;img-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gp *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.nf *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tk *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com data: *.2mdn.net *.pagead2.googlesyndication.com *.glotgrx.com *.lporirxe.com *.exelator.com *.owox.com *.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.yahoo.co.jp *.apimzb-adserver.cloudmccloud.com *.3lift.com *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com mc.yandex.ru cx.atdmt.com *.baidu.com *.gstatstrk.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.zoomsupport.com *.cloudmccloud.com linkconnector.com *.linkconnector.com *.linkedin.com https://p.adsymptotic.com *.clarity.ms *.lfeeder.com static-cdn.mackeeper.com *.imcounting.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com l2.io *.inspectlet.com *.googlesyndication.com *.sagetrc.com *.glotgrx.com *.lporirxe.com b-code.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.cloudfront.net *.yimg.jp *.addtocalendar.com *.yahoo.co.jp blob: *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com *.s.ytimg.com *.typeform.com *.calendly.com *.linkconnector.com mc.yandex.ru *.js.ad-score.com *.baidu.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.engine.4dsply.com *.engine.spotscenered.info *.engine.3dspk.com *.we3red.com *.engine.asadap.com *.engine.nictelroalps.com *.engine.liondigitalserving.com *.engine.addroplet.com *.beritapria.com cdnjs.cloudflare.com *.clickcease.com *.sentry-cdn.com *.criteo.net *.criteo.com https://snpa.licdn.com linkconnector.com *.dwin1.com *.awin1.com *.zenaps.com *.the.sciencebehindecommerce.com *.licdn.com *.liadm.com *.clarity.ms *.adcell.com *.lfeeder.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.a.disquscdn.com *.disqus.com *.googleapis.com *.fonts.gstatic.com *.referrer.disqus.com *.google.com *.google.com.ua *.addtocalendar.com *.surveygizmo.com *.cdn.onesignal.com *.onesignal.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com *.googletagmanager.com;font-src 'self' data: *.doubleclick.net *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com *.surveygizmo.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;object-src *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.pagead2.googlesyndication.com *.liadm.com static-cdn.mackeeper.com;connect-src 'self' *.mackeeper.com *.hotjar.com ws://*.hotjar.com wss://*.hotjar.com *.g.doubleclick.net *.lcidc.liadm.com *.google-analytics.com *.api.ipify.org *.mc.yandex.ru mc.yandex.ru *.data.ad-score.com *.baidu.com *.pushdata.onesignal.com:* *.onesignal.com *.taboola.com *.hotjar.io *.clickcease.com s.yimg.com *.facebook.com *.google.com bat.bing.com sentry.cloudmccloud.com *.liadm.com *.macupdate.com https://api.account.mackeeper.com https://api.account.sz.mackeeper.com https://api-ne.mackeeper.com *.adcell.com *.clarity.ms *.lfeeder.com *.static-cdn.mackeeper.com https://crm.account.mackeeper.com https://chat-crm.account.mackeeper.com static-cdn.mackeeper.com https://cdn.linkedin.oribi.io/
set-cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; expires=Wed, 09-Nov-2022 05:00:43 GMT; Max-Age=7200; path=/; secure; samesite=lax
mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D; expires=Wed, 09-Nov-2022 05:00:43 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
country=NO; expires=Mon, 08-May-2023 03:00:43 GMT; Max-Age=15552000; path=/; domain=.mackeeper.com; secure; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 720a9016ea89cc3a862b620a3af018f7
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/icon__sprire_small--mk4.webp
52.84.93.61200 OK 16 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/189/icon__sprire_small--mk4.webp
IP 52.84.93.61:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0b884be13d0553f50656549be0f1a897
e61eb5287b5d0d5520ef29a33f17c3b609dd91f5
801795b8d61b71566232e70d0cee0c0324ff025db66afbc92fefe6ccf2058842
GET /mk-land/dist/images/landings/189/icon__sprire_small--mk4.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 16320
date: Fri, 04 Nov 2022 08:12:03 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:56 GMT
etag: "0b884be13d0553f50656549be0f1a897"
cache-control: public, max-age=604800
x-amz-version-id: iN_v_moRcMOgLSmQ4ImRvYNllA5SgFvF
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: 0G2hxnmOOJuAOzu4FyhCteXSTodfBf9wQ0t9CSPu_6SIofDSm5gvCA==
age: 413322
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/map.webp
52.84.93.61200 OK 3.6 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/189/map.webp
IP 52.84.93.61:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7ca19b30945465fbde145f3fe1da456f
17497c7ef3d8f621bcc9f7e48c3ac8f518e68b81
d9599529d8221140e8fcb8eba22ad408b12bcd05ef6605777c35058cb3a384cb
GET /mk-land/dist/images/landings/189/map.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 3608
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:55 GMT
x-amz-version-id: Iay60t54rw79SZWup66tZBeR0r84lhdh
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 21:27:30 GMT
cache-control: public, max-age=604800
etag: "7ca19b30945465fbde145f3fe1da456f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: yMnfIxDZ3_56XIpV8RDUhzI1QnZ0-xqo27MQiKrW27TkBYHw_II9Kw==
age: 19995
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
54.192.137.125200 OK 1.9 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
IP 54.192.137.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4945)
Hash 1b1a56d9c9fcf8acab07f238231461df
72d6d8ecdb249b20852dc54d67530d0280515bc1
73b167681ae290cac469afde469076a7f222d5c5d2746122b2eaf5d7b4699e91
GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1930
last-modified: Tue, 04 Oct 2022 10:33:40 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 08 Nov 2022 07:47:27 GMT
cache-control: max-age=86400
etag: "1b1a56d9c9fcf8acab07f238231461df"
x-cache: Hit from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: qbh61vAb5w1zw86Hml28PkCHGf0GeTK507JilNBmOOR8TuOlhXlD6w==
age: 69866
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:26:57 GMT
expires: Thu, 02 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 545627
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:26:57 GMT
expires: Thu, 02 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 545627
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto
142.250.74.10200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.10:0
File type Unicode text, UTF-8 text, with very long lines (50698)
Hash c857b49564d19dd07a7ca94d214026f7
5a2437ed22b1ff2f92a6a0812ae64b1f245fc232
c2702ec65a57a47ad1d6ade69ebde1b978cfccd98e854c061fa000e48ffbfa48
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 03:00:44 GMT
date: Wed, 09 Nov 2022 03:00:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/star.webp
52.84.93.61200 OK 276 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/189/star.webp
IP 52.84.93.61:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2ee49dcad0d956cb8de84883fca4be27
df332994a9b9682c35a8446109b1bf89860d4e61
61edec41e4a76e6a7261e16281a3e0d1f54fef8ee1de89dd9988294cc0729cf5
GET /mk-land/dist/images/landings/189/star.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 276
date: Wed, 02 Nov 2022 19:31:02 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:16:56 GMT
etag: "2ee49dcad0d956cb8de84883fca4be27"
cache-control: public, max-age=604800
x-amz-version-id: .JxM4S4q1B4W9xCj5qPlx_SGVYwXBTbA
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: haTDGwVaeuqTA8xZAexEcG6VzM_Wcn-ztuTYG0j5genGPqUmmxoTaA==
age: 545383
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US
54.192.137.125200 OK 390 B URL HTTP/2 widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US
IP 54.192.137.125:0
File type JSON data\012- , ASCII text, with very long lines (881), with no line terminators
Hash 8afdfb6a08e70e5bc1fed4d52db5db0d
e837c3953f2c5690bcbf8660dfdb42def6e37566
45bcf8afdd45668e0211172ce973bf8b6bbf1606d5320c7dc5ef928a6e2958fe
GET /trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 390
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Wed, 09 Nov 2022 02:34:48 GMT
etag: "1746e3cfce555328a54224efcea5c90a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: XisvsmalaWI78L8pmd8Le61ncmv1mYRTCp5oLLvnnDCKw4LXe8NBgw==
age: 1556
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/189/tools.webp
52.84.93.61200 OK 18 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/189/tools.webp
IP 52.84.93.61:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 40d3cc9a4df10afd29214d1112452634
eafa7529926aeed7c50dc38a42b1451ed68a75cb
dab6e51f288ee51c45ccdf41043a7dcfe80b929cbca244c5efd9bab2f69fab1e
GET /mk-land/dist/images/landings/189/tools.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/189/style.webp.min.css?8d189a5fc85a9fc9f8e6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 18068
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:17:00 GMT
x-amz-version-id: 1bi_Y_XCTKpnupmEavkD_lejn.sfGW.X
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Nov 2022 03:00:45 GMT
cache-control: public, max-age=604800
etag: "40d3cc9a4df10afd29214d1112452634"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: rPpCNXyE-_gEyahyaUvV_CS7lTiZVzkBCHq7wnQCp3-Wo555LIHcEA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32
54.192.137.125204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32
IP 54.192.137.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 09 Nov 2022 03:00:44 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: Ng2ee6UmL0SYf1dIlwps1pN5thLaABSPdvTv6UdgGFsv9rAHGlkokg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e265c87faef55af1d47d72286d93268a
b97207d04eced8e6412f60c3764cdb527cce26d0
bf3f4fc715e107947c5bf3d622fbf9de1f591649a5008d8790a23463aa8703db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5125
x-amzn-requestid: c4f7c3d2-4c43-442e-a477-84a5baf6ff49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM4rXGdcoAMF5zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63683b15-1aec78204d291cfe5061d179;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:54:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZH49PpL-lN1JhCh03uyZJqRLu5vHF1RDMIBKKCvHOaKYdDOASOdUcw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:50 GMT
age: 19014
etag: "b97207d04eced8e6412f60c3764cdb527cce26d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb3fe96fee7d9da0905d9d565b44fc32
c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee
2b602aa92c61c060a0cfa9b13a7bbbcb65388b91559702c4d509bf199cf30bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12796
x-amzn-requestid: 31108e5a-3c69-4b62-99ea-1816df71a2aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuDcEzooAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d49-708c32857b683c5a39046202;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hRbYl8z9BgnFvtV-7f14N5JoCSebFBrKB7-seyEJAFPN628ccXDjLw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 07:43:06 GMT
age: 69458
etag: "c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 73963
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b52a8b78f7273b02455e93107edb9633
7a09033d8e92af7e492e5ec41d6d90c473b848f6
b239606b1c37e680536a899808e845ccf270b1eadec03476e0cbfdf9911c149b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7620
x-amzn-requestid: 4938029b-6e40-4549-8404-63ca28e79961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTU_WEQgIAMFU2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acec8-2bda1b015e94c4127df2b052;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:48:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-7W40j1csZhuoQvk_awKDRBjxJukydzyRVHvJNBSBx-AqYJQrUYGg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:26 GMT
age: 17898
etag: "7a09033d8e92af7e492e5ec41d6d90c473b848f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 19033
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hcOJnYBsbAtMobcAC_q19cCoOChDcKs-oIspAtNKskbYnoSHz2NmEg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
age: 19033
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 7000910ba22a59c03dd710c745cf4c4f
bb8023760f2e66d5f72c9dd2e1191edb9c724dc2
cf3f99eab13e4904b0cd61d5435191e2ee16db4c5fe686da15114ce0ab88cee1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=225
Date: Wed, 09 Nov 2022 03:00:44 GMT
Connection: keep-alive
X-N: S
tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTk2NTkxNjY0My4xNjY3OTYyODQyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTcuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xODkvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJkM2YxZDY0Mjg2NDcyN2UxIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43NzExOTU0MDBlODk0ZTNhLjE2Njc5NjI4NDE5NDMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
52.84.93.55200 OK 43 B URL HTTP/2 tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTk2NTkxNjY0My4xNjY3OTYyODQyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTcuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xODkvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJkM2YxZDY0Mjg2NDcyN2UxIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43NzExOTU0MDBlODk0ZTNhLjE2Njc5NjI4NDE5NDMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
IP 52.84.93.55:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTk2NTkxNjY0My4xNjY3OTYyODQyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTcuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xODkvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJkM2YxZDY0Mjg2NDcyN2UxIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43NzExOTU0MDBlODk0ZTNhLjE2Njc5NjI4NDE5NDMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1
Host: tr-rc.lfeeder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
server: CloudFront
date: Wed, 09 Nov 2022 03:00:45 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: vRpahoE9IAJ-T0X0fNDxn1g9TEJmAODkrsoSHCJ7tNrH5RvV6npVVA==
X-Firefox-Spdy: h2
sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js
18.244.140.17200 OK 11 kB URL HTTP/2 sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js
IP 18.244.140.17:0
File type ASCII text, with very long lines (31923), with no line terminators
Hash 763b74af7be42af98af6848a7627c6b1
43fe403b0a5b7ceb1d8f7a5a2e4052b5d7dbc764
b787460dc63f3e791a4a66ef0a05a6e77ddde7c017dbadaf0e1d3a541a1efe16
GET /lftracker_v1_ywVkO4XWPeW7Z6Bj.js HTTP/1.1
Host: sc.lfeeder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 07:16:39 GMT
x-amz-version-id: WREyONWh6CViY1vkb7O6LJhSIb1uUUkg
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Nov 2022 02:46:46 GMT
cache-control: max-age=3600
etag: W/"77fbab55edf6780776ed0e11584a2d76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c35168d6765ec616de06013427e871a2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-amz-cf-id: Jb48jgQDAdLh6aOS7LEBqQQ0I-Bwh97xlforQS5wKeipltllmsLc_g==
age: 1154
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png
52.84.93.61200 OK 407 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png
IP 52.84.93.61:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 471c1c90d41a571f14162d7a8a9c8b9c
b08dfa2783c706945451a8f4890bdb9243936e78
eb625a455a490292aa2a7101dd7b3235bc4c92df0f08349c6663df51b7b66c27
GET /mk-land/dist/images/favicon_ua.png HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 407
date: Fri, 04 Nov 2022 05:04:06 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Apr 2022 09:52:27 GMT
etag: "471c1c90d41a571f14162d7a8a9c8b9c"
cache-control: public, max-age=604800
x-amz-version-id: fOjB1uVWJszrafJRMb0A4UZGtOA62i.I
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: y0jUndevpIF4oDVQWkeR3fqdyidU_CnR3XIbwXdiPz_aMR3yod6FaQ==
age: 424600
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 472 B URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (996)
Hash 9c84a489651025d1173e25b763aa9512
f11ffd7fc8aebb12204163c8c7de63e15b7f1a7e
a0690bf498581eb6f63de50ec2aa642fa995a4ff24bdc455aa449472ee21feb8
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 00:42:33 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=78553
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 472
x-cdn: AKAM
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.4 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8312), with no line terminators
Hash ea9a6e9430d6641a4ef487694eb987dd
bee56e411f593c933bfd53ef4906098963bc3d1e
76d12a1f57dcbb434e6b272abd0f99c18e33218904a8bd7d07165ec801709a88
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "eb9bdc49d6df4c975ea1cbf5eccc01ff:1667915675.222308"
Last-Modified: Tue, 08 Nov 2022 13:52:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Wed, 09 Nov 2022 03:20:45 GMT
Date: Wed, 09 Nov 2022 03:00:45 GMT
Content-Length: 3351
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH
216.239.34.178200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH
IP 216.239.34.178:0
File type ASCII text, with very long lines (1921)
Hash c0e5bbabb2894da9f863bd61f92739d4
47ab513a39dc79c5e7d5052f53f6f095e4f423b7
7a1606a32f10bb85726140f91b106d21a92ede265a4d5fe476b461e83f67a362
GET /gtm/optimize.js?id=OPT-TVNW4WH HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 03:00:45 GMT
expires: Wed, 09 Nov 2022 03:00:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43931
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1667962841927&aid=a-015g&se=e30&duid=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true
34.233.14.107200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1667962841927&aid=a-015g&se=e30&duid=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true
IP 34.233.14.107:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1667962841927&aid=a-015g&se=e30&duid=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:45 GMT
content-type: application/json
content-length: 13
trace-id: 092663d256722b9f
vary: Origin
request-time: 7
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: cd6e1768-99d2-4f37-a240-781543548d71
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
142.250.74.130200 OK 862 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1793), with no line terminators
Hash 5657427422d675c7d29fede9187fb441
a14c492c96d1be65bac27560ab038f40a08b565b
f291a2abc4fe73ab6e300eed7babb22235cbd4f36c80a632ddda9ac53392ac2a
GET /pagead/viewthroughconversion/957119846/?random=1667962841580&cv=11&fst=1667962841580&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 862
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=0DBDA17E177667E70729B32916836625; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:45 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E22698C1BBE74BA8A3D1B0C18A799B42 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:45Z
date: Wed, 09 Nov 2022 03:00:44 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4869
Cache-Control: max-age=130128
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:09:33 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
142.250.74.130200 OK 861 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1793), with no line terminators
Hash c0a3cec4d128b24539eb4cd131b7e4f9
1f393052b841782c20c70329a6d8d4deaf8187a5
c9406e1cf4271b3043eff31d65622a8607f76d1c0eac0b558e16f6f8929accc7
GET /pagead/viewthroughconversion/854379023/?random=1667962841572&cv=11&fst=1667962841572&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 861
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app2.mackeeperaff.com/land/api/send-event
3.225.159.165200 OK 27 kB URL HTTP/2 app2.mackeeperaff.com/land/api/send-event
IP 3.225.159.165:0
File type JSON data\012- , ASCII text, with very long lines (64251)
Hash 20a4c2cfb707ad978cc0ec135861ef0d
8aeed3fd70ca122be10d0fb29c6aafbe4548dff6
620cc7ebf1f10b8de7e1e35f5ce8b9fe3a6bdb7d25cccab192a398c4612e7e26
Analyzer Verdict Alert quad9 Sinkholed
POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: xS3VC5SsREgnssvEeAA5BmtuVodBdh646HlvI1tf
X-XSRF-TOKEN: eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ==
Content-Length: 104
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/189/
Cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:45 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 179
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: ec4bcf3def81d4eca19f2633b0796178
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
142.250.74.130200 OK 861 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1793), with no line terminators
Hash 0867184ca62c6e345c551c253e43144b
c5124f4cea0a1920b4461c1dd54e05c8d5f1fa0d
090f9fd3968dab1eb8bc0d7f43ac9ecd009dfb8970055eddb26144406108a9ba
GET /pagead/viewthroughconversion/1010020041/?random=1667962841578&cv=11&fst=1667962841578&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 861
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 5.9 kB IP 188.125.94.204:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: svbxKCYFAvV2ttp4OrbObs/9yi9ksBUUl66eKirdatUZONBQ1V8+sDES6qSu/KBfGtT2XushQVE=
x-amz-request-id: Y5X4TR8PVQS874XV
date: Wed, 09 Nov 2022 02:17:26 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 2600
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1965916643.1667962842>m=2oeb70&aip=1
64.233.165.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1965916643.1667962842>m=2oeb70&aip=1
IP 64.233.165.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GYTXD89N1W&cid=1965916643.1667962842>m=2oeb70&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W>m=2oeb70&_p=1236577353&_gaz=1&cid=1965916643.1667962842&ul=en-us&sr=1280x1024&_s=1&sid=1667962841&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W>m=2oeb70&_p=1236577353&_gaz=1&cid=1965916643.1667962842&ul=en-us&sr=1280x1024&_s=1&sid=1667962841&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GYTXD89N1W>m=2oeb70&_p=1236577353&_gaz=1&cid=1965916643.1667962842&ul=en-us&sr=1280x1024&_s=1&sid=1667962841&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app2.mackeeperaff.com/land/api/send-event
3.225.159.165200 OK 101 B URL HTTP/2 app2.mackeeperaff.com/land/api/send-event
IP 3.225.159.165:0
Hash c1bcb881d5ed13078c01ad26966ff42b
6590c3e7e8eb1e5cff6c4fce2a7fbf260a41651c
c53ffaadab7b0d84c829e1271f50681b686ac1a282dccf4831f119486aa33779
Analyzer Verdict Alert quad9 Sinkholed
POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: xS3VC5SsREgnssvEeAA5BmtuVodBdh646HlvI1tf
X-XSRF-TOKEN: eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ==
Content-Length: 102
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/189/
Cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:45 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 179
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 3a539b3b53243a5afc0ab12008db2fd7
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
142.250.74.130200 OK 861 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1793), with no line terminators
Hash f96574ce1de1e7766e112762cc672925
f3273ba2cddcc142dd9a309c46df71115b83b724
303a521f16b3288e9054a993c6f1f71c704da2c7940d62438e4c32fe29899584
GET /pagead/viewthroughconversion/983482265/?random=1667962841575&cv=11&fst=1667962841575&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&auid=1526450521.1667962842&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 861
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:15:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.132302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.132:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1010020041/?random=1667962841583&cv=11&fst=1667962841583&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1526450521.1667962842&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4869
Cache-Control: max-age=130128
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:09:33 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1965916643.1667962842>m=2oeb70&aip=1&z=1189976468
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1965916643.1667962842>m=2oeb70&aip=1&z=1189976468
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1965916643.1667962842>m=2oeb70&aip=1&z=1189976468 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
108.156.28.58200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
IP 108.156.28.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/3865705/domain/app2.mackeeperaff.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://app2.mackeeperaff.com/
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Tue, 08 Nov 2022 07:22:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: _CKQ1SKu7X57lHyEM-Dgji8diUR6vDFAItJZGjJRoygDrapHaRudBQ==
age: 70686
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/957119846/?random=1667962841580&cv=11&fst=1667962800000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&tiba=MacKeeper&fmt=3&is_vtc=1&random=3023341898&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/config/10013499.json
188.125.94.204200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10013499.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10013499.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 9F9T4CFJ1Q8645XF
x-amz-id-2: REjnVUucRhEtP+Zzwewx8mxbvobX0DLWMd7oA4P2/aW6TOad7a8JxEHmOuUyMp9h08rHfTwlaW4=
content-type: application/json
date: Wed, 09 Nov 2022 03:00:45 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1212352/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1212352/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58512)
Hash 4cd1353a06eb05dcb81236aa433f0136
096f9cfee304ae32a14271f399ce8b13f38148da
219af05bdae67b92f84a51c04fdc869ac8fca1e36959b051f07d60481b92b839
GET /libtrc/unip/1212352/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X/DS1YqagttJ1fMd5QGqpHh4CC7HosPYbE8P8X9dc5cl0aGgnsgRCKo2vMFuXU5FD3XAFq7CqHs=
x-amz-request-id: HGBV3YASJWR89C4Q
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Nov 2022 11:06:43 GMT
etag: "b996f2d0f0d0be5d0cba1d1124c39de2"
x-amz-version-id: BP9V5mjwRykTl55M13vQXHW.pmXFZRn0
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 03:00:45 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667962846.721617,VS0,VE215
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 99
content-length: 17953
X-Firefox-Spdy: h2
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
18.244.114.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP 18.244.114.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7e7605dff243a25ecb1590c5d7dcc7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P6
x-amz-cf-id: jTLu1lUe3IwGG6Huqodd-ogLVznalJ3nxIO93A_d2QZwCkPRCNkI2A==
age: 398319
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
108.156.28.58200 OK 104 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
IP 108.156.28.58:0
Hash f300e2a4e2aa8ab2dbe3727e273fe4dd
5aa7e29e67ba7e1c003ea9902d9e407e9ed1de33
aad40f368d389709abeef0de0ac56af4c39ef25c8a5aa91bc851e6088a4366a6
GET /partner/3865705/domain/app2.mackeeperaff.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Wed, 09 Nov 2022 03:00:45 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: RB5qOwrrTnTCWFuIu6sbjxqNQc1C9Ugk3y8qAqMrf09xnMK_VpdBlw==
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=570059
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=570059
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=570059 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2AB152B145A36581136540E644566498; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC47E284E34F48CFA5F46BCED62D8599 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&r=<=2283&evt=pageLoad&sv=1&rn=133132
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&r=<=2283&evt=pageLoad&sv=1&rn=133132
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=36002432&Ver=2&mid=e6564564-d908-477e-9d9c-d9852dc8e901&sid=b2c64b905fda11eda8a8e564e8df072b&vid=b2c678805fda11ed99ac8dfb33d1ce28&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&r=<=2283&evt=pageLoad&sv=1&rn=133132 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=22D5B3570E2B6F942D1CA1000FDE6EE1; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 014D36F862054877A6CA7C4D5C1BC063 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949
70.42.32.95200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:00:46 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 31033f4b3ad5f43659552b8989006b2a
content-encoding: gzip
bat.bing.com/p/action/36002432.js
204.79.197.200200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/36002432.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash af03844de699f6e7e0ed552f725a22df
10eae56beeacb28641d52a664eccaf4818bad5fe
472f9e0968b39c41aa022478f9d20e01e5131d6bd50451676cefad81427420ac
GET /p/action/36002432.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1423
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=358C814A9438606002FC931D95CD617F; domain=.bing.com; expires=Mon, 04-Dec-2023 03:00:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9641FA2E78A144EBAD19C40B718258BA Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
X-Firefox-Spdy: h2
script.hotjar.com/modules.ce71d14bfe39cbc54662.js
18.165.227.104200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.ce71d14bfe39cbc54662.js
IP 18.165.227.104:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash da0f5482259a7f9bc23abb5a00fd3164
fdd7393befd6e23d003e411f1345648a55e79a3d
654b2c6e204bcbc1cef44fe1822b8abca358b4fb2292e8cd2ae7308201aed86a
GET /modules.ce71d14bfe39cbc54662.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68393
date: Tue, 08 Nov 2022 14:40:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "da0f5482259a7f9bc23abb5a00fd3164"
last-modified: Tue, 08 Nov 2022 14:39:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7b5cd9167634df8189bb5a88ba570ee0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
x-amz-cf-id: WwTJLyiX7ufIoEloUR6S2bKE51Jik9NfcCX4u8rj9ZF89f9puM0pWQ==
age: 44440
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&obApiVersion=1.1&obtpVersion=1.11.3&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&optOut=false&bust=012572183652419322&referrer=
70.42.32.95200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&obApiVersion=1.1&obtpVersion=1.11.3&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&optOut=false&bust=012572183652419322&referrer=
IP 70.42.32.95:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&obApiVersion=1.1&obtpVersion=1.11.3&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&optOut=false&bust=012572183652419322&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:00:46 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 831ee79f1a5fe4c8c97482739d0b4f0c
content-encoding: gzip
sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2009%20Nov%202022%2003%3A00%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2009%20Nov%202022%2003%3A00%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Wed%2C%2009%20Nov%202022%2003%3A00%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:46 GMT
expires: Wed, 09 Nov 2022 03:00:46 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBN4Xa2MCEF0xHkVb0k5tyC4YORruulkFEgEBAQFpbGN0YwAAAAAA_eMAAA&S=AQAAApaVOrnFdDGLTNy0AwJSG8g; Expires=Thu, 9 Nov 2023 09:00:46 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLxrHstZ7CpsgAAAYRaVTu6Up7M-MqW3tINJkhNCX46W21Hq4JXE7ksib-06BNOCitOpFZzxuvGrQ; Max-Age=2592000; Expires=Fri, 09 Dec 2022 03:00:46 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLc-8bj4IHsZQAAAYRaVTu6mdd9sOfWzInD9awWFNebIvIom2ZsQf1hyor3sY2ClqN62tbLfhqzXIyykjgclg; Max-Age=2592000; Expires=Fri, 09 Dec 2022 03:00:46 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&d838277a-7102-4c94-8737-6deb8de0c45c"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 09-Nov-2023 03:00:46 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2370:u=1:x=1:i=1667962846:t=1668049246:v=2:sig=AQGZuUqux7BDL6iRoR5AS1motyRno-o1"; Expires=Thu, 10 Nov 2022 03:00:46 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXtANzxMCAOBYLFqCNmvA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0EFAA17024B54EA08186C59A02CD1331 Ref B: OSL30EDGE0318 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 0
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/190484?s=0.25&r=0.060100563848200395
13.224.245.122204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/190484?s=0.25&r=0.060100563848200395
IP 13.224.245.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/190484?s=0.25&r=0.060100563848200395 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 09 Nov 2022 03:00:46 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 1d61815344be6df2eace7e0cbeebe716.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: X5qXMtxcZT2Q6tAcBD0uhu0MFpM-NJUbFqPJgAsvjvFV0o2amKoJTQ==
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1667962842511%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F189%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&b8e745c0-8d77-4cb5-8630-e4030ffb6a32"; Domain=.linkedin.com; Expires=Thu, 09-Nov-2023 03:00:46 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221109030046e99720a9-4181-4523-8378-9dd93b35f732AQFjW1f-1GevvZIUxztjCL2yG94OcGKI"; Domain=.www.linkedin.com; Expires=Thu, 09-Nov-2023 03:00:46 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njc5NjI4NDY7MjswMjFwfOYQox/OzqzzQZtJrPPHnF/Bq0+aprRDHn8fj+JKaA==; Domain=.linkedin.com; Expires=Mon, 08 May 2023 03:00:46 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2413:u=1:x=1:i=1667962846:t=1668049246:v=2:sig=AQHNn04FQx4vS24DiQInrg_CmwN70kg4"; Expires=Thu, 10 Nov 2022 03:00:46 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtANz0cKl30EwRG05bWg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A070469B5207492A97AEEF884623BF25 Ref B: OSL30EDGE0318 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 0
X-Firefox-Spdy: h2
trc.taboola.com/1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
File type ASCII text, with very long lines (2496), with no line terminators
Hash d2e2f3b7912e54b8b9f493da18ec1855
f94e54b13d244c39b1479b3d19b49c010c226ce3
89622ae875428d03aee1bbec826c6473c59b5ffeceeb5eaaf9a87a68a7828b16
GET /1212352/trc/3/json?tim=1667962842783&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fland%2F189%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667962842769%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667962842783%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A49%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 03:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667962846.024048,VS0,VE100
vary: Accept-Encoding
x-vcl-time-ms: 100
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.246.53200 OK 55 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 441723b72633b1ac9757ad7c63168005
806166ca9ebb5839dd90a5e5c9335e3e0b18c169
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8eec314a76b4c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 03hdrYwAAAABeud79ipGLSpXiUub6Mu8uU1ZHMjBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3865705&time=1667962842511&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&5f3c7e11-5f2d-46a3-8050-eaeff9191e99"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 09-Nov-2023 03:00:46 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2426:u=1:x=1:i=1667962846:t=1668049246:v=2:sig=AQHZqMqvkGhLuZ-eTGgHMxQ8AqMjfQVX"; Expires=Thu, 10 Nov 2022 03:00:46 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtANz21fp3e2IxFVADvA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F2B2A33393C44FE5A2850E33AF2E68E9 Ref B: OSL30EDGE0318 Ref C: 2022-11-09T03:00:46Z
date: Wed, 09 Nov 2022 03:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1560
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 26379
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0C795A19E9D965A83575484EEDD96B2F; domain=.clarity.ms; expires=Mon, 04-Dec-2023 03:00:47 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 09 Nov 2022 03:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&RedC=c.clarity.ms&MXFR=0C795A19E9D965A83575484EEDD96B2F HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=4AD1CE21DBE347C89DBB1010943CA476&MUID=0517425A5744629E0A5C500D56B16393
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0517425A5744629E0A5C500D56B16393; domain=c.bing.com; expires=Mon, 04-Dec-2023 03:00:47 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3066A47085C842A8800CA41E1173A5C5 Ref B: OSL30EDGE0211 Ref C: 2022-11-09T03:00:47Z
date: Wed, 09 Nov 2022 03:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2
app2.mackeeperaff.com/land/api/send-event
3.225.159.165200 OK 101 B URL HTTP/2 app2.mackeeperaff.com/land/api/send-event
IP 3.225.159.165:0
Hash 555e55f825c4975348b5be2b6c986f6a
cb64861260e85bb76d53465a0950d768c2d85de7
4720817ffd9eafc28841689967f2b6e1d982ec907c191cf1ed5955d84785ed12
Analyzer Verdict Alert quad9 Sinkholed
POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: xS3VC5SsREgnssvEeAA5BmtuVodBdh646HlvI1tf
X-XSRF-TOKEN: eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ==
Content-Length: 103
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/189/
Cookie: XSRF-TOKEN=eyJpdiI6IjVWc3ArWUtKaVowUDBJNG0wVUpHMGc9PSIsInZhbHVlIjoiV1VKMzltSkNrVzlLZW5nWDF6TFMxOHNueVBFQys0QnZIRVh3Z0NIcWtQMzlqRzludDFSVEVNN3lYMXJ2UHZVeERiRmxmZDVvdmpoMEoxaDExWWZmSm5iV2N1V0JWS2laOGRcL2VzTnAzeGRxRTJsdkRcLzgyTTFUR1FqKzNqZTB1ayIsIm1hYyI6IjliZGU1MzRmMjM5NDNjMzZkNWM3MGYzZGNkNjc4NDQ1ODgyZDRjZjY2MDdjM2Y0ZTQ1MGQwNzk3Yjg5ZDU4MGYifQ%3D%3D; mackeeper_session=eyJpdiI6IldYWkQ2WE54ZGZTRFcwVVN4eVY3alE9PSIsInZhbHVlIjoiYWk1WVoyTFVoOXdJYnQxSXZFZGF4U3JUY2pBTlhSajN2TVMrZ1FFTElGRytRWDhDUXJHMmR1eHlMYmVSYUx6c3RaWStvUDlyRFVKeHA1RUF0NDduaUl2MWVBeVo3dFRwZ3JCZFk4WXlUQzcwYzA0eHFkVlduang3ck9HRCt3bmkiLCJtYWMiOiI3ODQwMDFjYjVjMTMwZjc5OGM3MTM2ZTRkMzZjM2YxYmI5MzQ3YzQ2ZmU3MTVlMWFmNTQ2YjUxZmM4ZmM5ZDJlIn0%3D; _gcl_au=1.1.1526450521.1667962842; _ga_GYTXD89N1W=GS1.1.1667962841.1.0.1667962841.60.0.0; _ga=GA1.2.1965916643.1667962842; _li_dcdm_c=.mackeeperaff.com; _lc2_fpi=f810f9c9df2c--01ghd5aanw9ysetv3sd0176gax; _lfa=LF1.1.771195400e894e3a.1667962841943; _uetsid=b2c64b905fda11eda8a8e564e8df072b; _uetvid=b2c678805fda11ed99ac8dfb33d1ce28; _gid=GA1.2.107750066.1667962843; _gat_UA-157596782-1=1; ln_or=d; outbrain_cid_fetch=true; _hjSessionUser_190484=eyJpZCI6ImFiMmI0YjNmLWNiYWEtNTJkMy05ZGQ5LTczZjRkYjM2NWFkMCIsImNyZWF0ZWQiOjE2Njc5NjI4NDMwMzcsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_190484=eyJpZCI6IjkxYjEzOTBjLWZlZjctNGFmZS1hMmZkLTBjZThlYWI3NTBiNyIsImNyZWF0ZWQiOjE2Njc5NjI4NDMwOTQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; _fbp=fb.1.1667962843204.1284009442; _clck=na19z2|1|f6f|0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:00:47 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 178
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 24e97b4fff136ea84b3bf67b138df56d
X-Firefox-Spdy: h2
trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1569&scd=49&ssd=1&est=1667962842771&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667962844344&vi=1667962842769&ri=79df6f02a99f43077beabef44af03d84&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1569&scd=49&ssd=1&est=1667962842771&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667962844344&vi=1667962842769&ri=79df6f02a99f43077beabef44af03d84&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1212352/log/3/unip?en=pre_d_eng_tb&tos=1569&scd=49&ssd=1&est=1667962842771&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667962844344&vi=1667962842769&ri=79df6f02a99f43077beabef44af03d84&ref=null&cv=20221106-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F189%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 03:00:47 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
t.adcell.com/js/trad.js
185.5.82.77200 OK 22 kB IP 185.5.82.77:0
File type Unicode text, UTF-8 text, with very long lines (33739), with NEL line terminators
Hash 203702e78f504e36ea49162300dd7e96
2d347480dfbd9d4c69bcc742e205062f689e5d00
37ee59a07e31b6568a71dbf9a3fdf32d573bb8a43964b0e0859d3bc9a08917dc
GET /js/trad.js HTTP/1.1
Host: t.adcell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: myracloud
date: Wed, 09 Nov 2022 03:00:44 GMT
content-type: text/javascript
strict-transport-security: max-age=15768000
content-encoding: gzip
vary: accept-encoding
expires: Wed, 09 Nov 2022 03:13:00 GMT
cache-control: max-age=900
etag: "myra-a01d5c09"
x-cdn: 1
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf
52.84.93.61200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf
IP 52.84.93.61:0
GET /mk-land/dist/fonts/MarkOT-Light.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
x-amz-version-id: 0k6awkdioEQDqMMUsMLLZL0d1S0LNdte
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:24:36 GMT
cache-control: public, max-age=604800
etag: W/"48dd0f49a4207634e9062def9074a038"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: T5akbW2KmuQQkwaPDN6EWCuRaoW1IlBncRLV-qfcYlvwpNBtzVH9Iw==
age: 242240
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-190484.js?sv=7
13.224.245.61200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-190484.js?sv=7
IP 13.224.245.61:0
GET /c/hotjar-190484.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 03:00:45 GMT
cache-control: max-age=60
etag: W/40a69c4f9bab3d456a681a2fb1cf6259
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 7654e8d5fbf72d40d262281571df7bae.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: 4CBmCeOIHaP-j-8mibGTxLWuOCAMCJHw_AewloIZmLUHFFKKeWuIrQ==
X-Firefox-Spdy: h2
b-code.liadm.com/a-015g.min.js
18.165.227.85200 OK 0 B URL HTTP/2 b-code.liadm.com/a-015g.min.js
IP 18.165.227.85:0
GET /a-015g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 10:44:03 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e3e3d4decb0c87744ac50467217c0106.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
x-amz-cf-id: d1zc-dJXR_sg1LR1m4x8fdr2RaJQXlyoP7qCrmgoEey-3z1WYN8VUQ==
age: 58601
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5
52.84.93.61200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5
IP 52.84.93.61:0
GET /mk-land/dist/critical/script.min.js?713042b92e8e26034ff5 HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: PENDING
last-modified: Tue, 01 Nov 2022 14:19:26 GMT
x-amz-version-id: mBt3HOpoZzV_BXxKf5m06Uut_dgFAc_H
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:21:22 GMT
cache-control: public, max-age=604800
etag: W/"ae9c9df33a1c1fcfb8e94b7c77f9ad66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: HYIkEmRXinKNNO-Q_QGKRXDZWHy2eaLxAvs-VlVpBGqmpu_Vmg6kkg==
age: 157735
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b
52.84.93.61200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b
IP 52.84.93.61:0
GET /mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:18:44 GMT
x-amz-version-id: MqlWLhbTvSNRNbExGkOtw0bKSdtMf3rQ
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Nov 2022 01:04:12 GMT
cache-control: public, max-age=604800
etag: W/"f39243185bab35a6e62fc592e4ee5976"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: nYGGqyIxQlFiH1aBnP_3VThhYYgDZ5iiNVHdqZkG7VRjMdQGDcnxMA==
age: 6993
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/189/script.min.js?410f45539e1dbcb98790
52.84.93.61200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/189/script.min.js?410f45539e1dbcb98790
IP 52.84.93.61:0
GET /mk-land/dist/189/script.min.js?410f45539e1dbcb98790 HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 08 Nov 2022 19:07:25 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:19:42 GMT
etag: W/"7e516217258446374981dd7cbc8dbac2"
cache-control: public, max-age=604800
x-amz-version-id: s73Qlchvu6bwh5MmjxIODNWG2jTqcwP_
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: mrGhSQkC34A4JCD5mPhlVMGoUwHrBH7sawfMs27RmA5fh_L3gp70eg==
age: 28400
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Medium.otf
52.84.93.61200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Medium.otf
IP 52.84.93.61:0
GET /mk-land/dist/fonts/MarkOT-Medium.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:12 GMT
x-amz-version-id: adnRDSe0awZldw3c8I6M4tTQa_wDyvz_
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:24:36 GMT
cache-control: public, max-age=604800
etag: W/"44a8a536b53be74bb2ebfc4fa3403364"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: AiFp-F42IHtVNoTSrPBZvLlSdbnAsSjs0cM0FBBbf8WSXrd5DxTNmQ==
age: 242240
X-Firefox-Spdy: h2
www.dwin1.com/23738.js
143.204.176.33200 OK 0 B IP 143.204.176.33:0
GET /23738.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Nov 2022 11:18:28 GMT
x-amz-version-id: NZ5TUNYFtYHLWMvAias3PTSdk8M2y8HX
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Nov 2022 02:56:38 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"fd2c2e889deef01ddf08b651f1dba57b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e57031b360acd70025578ff666736976.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: 9Eell3ikLDx16qJKUdhLW1dfuUXZXWHW9elSAzgNULWpRddMfsyh_w==
age: 248
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/36002432
13.107.246.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/36002432
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/36002432 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=b0de90b1476c498c9ddcd532e613c6e4.20221109.20231109; expires=Thu, 09 Nov 2023 03:00:46 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 03hdrYwAAAACFnfeskah3SIv3zrWj0t4QU1ZHMjBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 09 Nov 2022 03:00:46 GMT
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf
52.84.93.61200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf
IP 52.84.93.61:0
GET /mk-land/dist/fonts/MarkOT.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
x-amz-version-id: Eju.irxG68JYjYuEi7BGXEsqN0F4MTaA
server: AmazonS3
content-encoding: gzip
date: Tue, 08 Nov 2022 14:24:37 GMT
cache-control: public, max-age=604800
etag: W/"106ae5fa4d0e51fa73ed42c3beecda5e"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 fe71c2e88a632c65075c957a7abe5788.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: cNNDgABfuUg7m6y5z9bR-0QmVX3B8NuwwGOXAhPenWx_u3ib8DgDUA==
age: 45368
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.beta.min.js
23.36.76.210200 OK 0 B URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.beta.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
GET /li.lms-analytics/insight.beta.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 00:42:33 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=78536
date: Wed, 09 Nov 2022 03:00:45 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2