app2.mackeeperaff.com/land/197.11/
34.197.69.137301 Moved Permanently 134 B URL HTTP/1.1 app2.mackeeperaff.com/land/197.11/
IP 34.197.69.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert quad9 Sinkholed
GET /land/197.11/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 22 Nov 2022 15:19:50 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://app2.mackeeperaff.com:443/land/197.11/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7499
Expires: Tue, 22 Nov 2022 17:24:49 GMT
Date: Tue, 22 Nov 2022 15:19:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6106
Cache-Control: max-age=161591
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:50 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:13:01 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4637
Expires: Tue, 22 Nov 2022 16:37:07 GMT
Date: Tue, 22 Nov 2022 15:19:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 15:09:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 627
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YsgSoQIJqrtVv3mr0Z4N1Z2sBo5aq+1OJbfRjXN5p4ZKJ3Fos3vFN2OJBjy64RsUo0W2jjae5w0=
x-amz-request-id: KWSRNJ7G93Z8D6Z1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 14:42:36 GMT
age: 2234
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 15:19:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f4a57a8a39aca95d99a095749f7e5416
584fbd9440c4b2d7d13115f160c3e68b9424c212
cd91c5a1b25095b145d7cfb30ce43e12cf977c89b967098e3dde773897db1ec5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105105
Date: Tue, 22 Nov 2022 15:19:50 GMT
Etag: "637bd339-1d7"
Expires: Wed, 23 Nov 2022 20:31:35 GMT
Last-Modified: Mon, 21 Nov 2022 19:36:25 GMT
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p3eqb5ZcTRbwQbREEWUUsfa7LysC5HpP78GjtlPujHCdwzL-Bz_p4w==
Age: 3310
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 15:11:10 GMT
cache-control: public,max-age=3600
age: 521
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3243
Cache-Control: max-age=153667
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:51 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:00:58 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EwWZTyUAyE4GKQe2129taw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lUzhgwu3F8WzaJeyAxDKzR34vLM=
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.110200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.110:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O9xpHgk6B1bHOLnwJIKTcmxT_v1GTL9ogxdZoR6mHVfkl7wDdciXjg==
age: 49888
X-Firefox-Spdy: h2
browser.sentry-cdn.com/5.5.0/bundle.min.js
151.101.194.217200 OK 52 kB URL HTTP/2 browser.sentry-cdn.com/5.5.0/bundle.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (51441)
Hash b1dcc6195d84cf50c3e882d3d515f848
06562c193663a31a3cabeaa18cffeb882084fcb6
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb
GET /5.5.0/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 11 Nov 2022 05:27:37 GMT
last-modified: Fri, 05 Jul 2019 11:17:04 GMT
etag: W/"39339cf627bc67e34d4c623bea4c0b4a"
content-type: application/javascript; charset=utf-8
x-guploader-response-body-transformations: gunzipped
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 22 Nov 2022 15:19:51 GMT
age: 1752232
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 51570
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/mac__pink.webp
54.230.111.123200 OK 12 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/mac__pink.webp
IP 54.230.111.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a98dc1bf7a5b00f765953d20c5b34f07
9dbeaf62f803c8e40dfae91e22562ce654755e0c
a01aca3d152d9e4e967861da156aaffdc6988246a432c29c688076aa2bfdde86
GET /mk-land/dist/images/landings/197_11/mac__pink.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12192
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:17:07 GMT
x-amz-version-id: bzsyDdFKv0Q6EwL5El9zjooRGx9ix1EM
accept-ranges: bytes
server: AmazonS3
date: Thu, 17 Nov 2022 09:19:25 GMT
cache-control: public, max-age=604800
etag: "a98dc1bf7a5b00f765953d20c5b34f07"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZqvyTv4w_A9DbSL6-dXUgZG8QGIMH7z3aj1E1EhhPTz_NFOP6StqRQ==
age: 453628
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/197_11/script.min.js?9d05deadd05ae106f1ad
54.230.111.123200 OK 12 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/197_11/script.min.js?9d05deadd05ae106f1ad
IP 54.230.111.123:0
Hash 7e76992ecde68feb5196ae0e34fd4888
ff6074b3289584df1a1f7c4ba9987d3d6122cfc4
742fbfc34ff38e229b2b089ff65fbaad9903e1807b3e9560e1df9482e62df330
GET /mk-land/dist/197_11/script.min.js?9d05deadd05ae106f1ad HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:19:36 GMT
x-amz-version-id: WrIjL5g8ilsI332i.vYUrTvr7TOHrjQ1
server: AmazonS3
content-encoding: gzip
date: Thu, 17 Nov 2022 09:15:39 GMT
cache-control: public, max-age=604800
etag: W/"f2bbb32b8da5f4aafea0ce1cde3c15ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B7TV-i6dkT9v_VHZgs0CpXMqi5zGUvXHbLOhwRg1Rh_mVmrb5iyKtg==
age: 453853
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d
54.230.111.123200 OK 15 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d
IP 54.230.111.123:0
Hash a6c32db9369da73a91e14960e2437a93
e2bbcb688db0cb7f1c993c464f5b551f7bf5fbe0
c572aed69595a06797aeb557c4882a3fdfbf29120eee99ada0e94f8da3b6839a
GET /mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Aug 2022 13:14:15 GMT
x-amz-version-id: Jl0RXpn0c8oZR7Q63Y6qoi366ZmOmU_x
server: AmazonS3
content-encoding: gzip
date: Mon, 21 Nov 2022 22:06:47 GMT
cache-control: public, max-age=604800
etag: W/"d1a0a853c5ed402158f15f2c707e440b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zll5pb9JT8cK8BT_zctIfbzoKukg8aJpjr2klW8EZgzJzHxXZAeqxg==
age: 61985
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk5-logo-206.svg
54.230.111.123200 OK 3.8 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk5-logo-206.svg
IP 54.230.111.123:0
Hash a8f30ea9e741b4b953a791169a968d73
4eccbe01f81883a49e88533a6b1f78a68b76a5a2
de0c8918d96392468eb5177b7217c6ea16df173c401e718b9d2d9fa4afc30f81
GET /mk-land/dist/svg/components/logo/mk5-logo-206.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 17 Nov 2022 09:45:32 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 19 Apr 2022 14:50:37 GMT
etag: W/"0443bcb5ae8253499f7df7f80c45fc8c"
cache-control: public, max-age=604800
x-amz-version-id: nR7t7rVpGS8ZxmXxhcEXMLjpxYfbyxrO
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S7vUNXNu4ERwOBgTqzZtFptj763aDU9m9Ly9WkVUgT6NrLxGlp7z1Q==
age: 452060
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5
54.230.111.123200 OK 24 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?713042b92e8e26034ff5
IP 54.230.111.123:0
Hash aaca97308b515b05d709c1c7d8cfa754
bf7bbb493b510bba26b54c7f483a01ad40220f1f
b8293672235b66a14768f0de30913da0a364308c0f57b61fcb8cb07b6ab7e307
GET /mk-land/dist/critical/script.min.js?713042b92e8e26034ff5 HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:19:26 GMT
x-amz-version-id: mBt3HOpoZzV_BXxKf5m06Uut_dgFAc_H
server: AmazonS3
content-encoding: gzip
date: Tue, 22 Nov 2022 00:47:45 GMT
cache-control: public, max-age=604800
etag: W/"ae9c9df33a1c1fcfb8e94b7c77f9ad66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2L_kr9mXGLPRDl48R4CULKeJ7rit00CodhA-uifcV4-IftiLpuUjNg==
age: 52327
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/icon3.webp
54.230.111.123200 OK 1.8 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/icon3.webp
IP 54.230.111.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash aca271318ab95a1820340044d707e74d
ec5c429031c8f0366c90aa2e9ef13de8dfda4fb4
73eb9bdafc90d29dd340271655b616149458f68f38438e68def80159d0234d5d
GET /mk-land/dist/images/landings/197_11/icon3.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1798
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:17:03 GMT
x-amz-version-id: tmtMGJenQXyUvP3tEiq7D9ISTpZehh5V
accept-ranges: bytes
server: AmazonS3
date: Fri, 18 Nov 2022 09:44:36 GMT
cache-control: public, max-age=604800
etag: "aca271318ab95a1820340044d707e74d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wNAvUxJIFe7yHodkpeWDVlS3ZgIRfXjg0gmo2q0sm9xZAi00d0mw4g==
age: 365717
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/icon2.webp
54.230.111.123200 OK 2.4 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/icon2.webp
IP 54.230.111.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a83f6957793f6d532636ce8299c3ab9b
19049e9cdaa906b6eacb7057c4bff5febe478497
ebe659df2e09c50f12afda0732c2ed7e434e5fed2b1600329925e7ae461cd6ce
GET /mk-land/dist/images/landings/197_11/icon2.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 2380
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Mar 2022 09:17:09 GMT
x-amz-version-id: nfryY_e08qMo9vvL9zpsYPYTna6ZsFTP
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 09:00:53 GMT
cache-control: public, max-age=604800
etag: "a83f6957793f6d532636ce8299c3ab9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sp3FZwhRPWLM1TSCyrYkilPG9EcQkXgKEFNlj38MLEMLo4n0-GkXMg==
age: 195540
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/antivirus-new.webp
54.230.111.123200 OK 10 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/antivirus-new.webp
IP 54.230.111.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7538120123ef2faf24b13bed7bed3cdd
624c7cffe87830654466f14c5256fa573cc2cb26
ad9e28f3ec63bf1b97ebb5ad3b86a4bf1f86f27ec19e0c039d028c5f87804dc0
GET /mk-land/dist/images/landings/197_11/antivirus-new.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 10456
x-amz-replication-status: COMPLETED
last-modified: Thu, 31 Mar 2022 10:12:20 GMT
x-amz-version-id: GWfcxYD2xWtbVAE7DyinzGoS9zlb4J90
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 09:13:00 GMT
cache-control: public, max-age=604800
etag: "7538120123ef2faf24b13bed7bed3cdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e8QQarAY91PAfoErAAWW5m9FDf_P3doEdQgCQ7xushBntKrFfXbAzw==
age: 194813
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b
54.230.111.123200 OK 34 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b
IP 54.230.111.123:0
Hash 81b7d6bf9edb3326f11421433a9d0d34
f72777d3af348b220205bf19d34e221893be7635
adb5456c0a7ac99f315a56890e68ee29e4e5dd9a2d48a97d5762be6e0b13a2a6
GET /mk-land/dist/default/script.min.js?17ab72af24a83de6eb4b HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 21 Nov 2022 05:41:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 14:18:44 GMT
etag: W/"f39243185bab35a6e62fc592e4ee5976"
cache-control: public, max-age=604800
x-amz-version-id: MqlWLhbTvSNRNbExGkOtw0bKSdtMf3rQ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b2Fke6FWy5FOoRMhTy4l9whv4aNczxyDPbkRX4y4mONu_Rz71UL4QQ==
age: 121120
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/safe_cleanup-new.webp
54.230.111.123200 OK 9.5 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/landings/197_11/safe_cleanup-new.webp
IP 54.230.111.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fd8048baa6f3ce2025943dc2c233f884
d381f6105d26a9cf8d8ed453f2ba26db2883e962
6d0c96508390e1c02c3253ac5ff6bc009f8fd690b2c43f174b93fc4642241144
GET /mk-land/dist/images/landings/197_11/safe_cleanup-new.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/197_11/style.webp.min.css?8e8c6ded12635d93f10d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 9546
x-amz-replication-status: COMPLETED
last-modified: Thu, 31 Mar 2022 10:12:22 GMT
x-amz-version-id: VkrrQHAWD.mwu_EcgkcxY3J_FyXhNkp1
accept-ranges: bytes
server: AmazonS3
date: Mon, 21 Nov 2022 08:13:59 GMT
cache-control: public, max-age=604800
etag: "fd8048baa6f3ce2025943dc2c233f884"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ehWVCkmQi03DPZqWVtB76Vsei9mh-eBOM-Vs7tp9npKws0nlnptxyw==
age: 111954
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
143.204.55.110200 OK 1.9 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
IP 143.204.55.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4945)
Hash 1b1a56d9c9fcf8acab07f238231461df
72d6d8ecdb249b20852dc54d67530d0280515bc1
73b167681ae290cac469afde469076a7f222d5c5d2746122b2eaf5d7b4699e91
GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1930
last-modified: Tue, 04 Oct 2022 10:33:40 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 03:53:56 GMT
cache-control: max-age=86400
etag: "1b1a56d9c9fcf8acab07f238231461df"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JZewxgCt9Du7rbY5tHr8uSH_nv-BiQaxlsxJtvfhwOEppUoXnSM1Ew==
age: 45439
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL
142.250.74.168200 OK 100 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (40633)
Size 100 kB (100183 bytes)
Hash a8e0180beab615d05c1e51a34b144cd6
6551fb9f3de1c711ffa00b52ce2b5bbb44f45506
2d23db8a7bc3824580cab2f84350d83b3748618b3ff817f277b4d07db6248271
GET /gtm.js?id=GTM-PVNC4DL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Nov 2022 15:19:52 GMT
expires: Tue, 22 Nov 2022 15:19:52 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
143.204.55.110200 OK 16 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
IP 143.204.55.110:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (50697)
Hash 7634c5de39bff7b73e2df27262caface
73bb5656a5b7eee0c6db68d3f708046f390ccb53
bc5f8d22d9a155ee87fe85ef326a9cc5c059a69aa5a6f7389882a88c057acc09
GET /trustboxes/53aa8807dec7e10d38f59f32/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 15505
last-modified: Tue, 04 Oct 2022 10:33:42 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 05:09:54 GMT
cache-control: max-age=86400
etag: "7634c5de39bff7b73e2df27262caface"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 36ySyplIvq2MObi2VD0iYqXtfcbhdV3N7GTrU7Mzs5C6UNkfDMj8VQ==
age: 36599
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US
143.204.55.110200 OK 390 B URL HTTP/2 widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US
IP 143.204.55.110:0
File type JSON data\012- , ASCII text, with very long lines (881), with no line terminators
Hash 8afdfb6a08e70e5bc1fed4d52db5db0d
e837c3953f2c5690bcbf8660dfdb42def6e37566
45bcf8afdd45668e0211172ce973bf8b6bbf1606d5320c7dc5ef928a6e2958fe
GET /trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=4dbb14ee00006400050fa293&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 390
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Tue, 22 Nov 2022 14:50:26 GMT
etag: "1746e3cfce555328a54224efcea5c90a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W4qvJ6z0BNXJdRgunopg6IU6Nou_vQXfT1hqGq2OhLnObCAURdsEFg==
age: 1766
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32
143.204.55.110204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32
IP 143.204.55.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 22 Nov 2022 15:19:51 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aAC_3X4xrxczA-fB3Y5g32VpGttNCUgvPJs0FadtDF2UG1USrNDuYQ==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32
143.204.55.110204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32
IP 143.204.55.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 22 Nov 2022 15:19:52 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kXYHXXnr49LGfN0pR4044iAczoQmJvWRmPWDlxfx_9bN8J4ZJA-F4w==
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d4b8093a3488e05dede32d06215c9356
7a8b3c63ef0f1612227c7ffecbfa11b40ea63f20
e267821fca9a68a9081afaf23013317ffc745f3324ad3e03ca2c408e8af6a573
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=360
Date: Tue, 22 Nov 2022 15:19:52 GMT
Connection: keep-alive
X-N: S
tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTAwNjAwODc3NS4xNjY5MTMwMzkyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTguMCJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xOTcuMTEvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIwMGE4MzQ3ZmFiMjEwODliIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43MmE0YTlmZTViOTQ4ZjA2LjE2NjkxMzAzOTI0MTMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
143.204.55.125200 OK 43 B URL HTTP/2 tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTAwNjAwODc3NS4xNjY5MTMwMzkyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTguMCJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xOTcuMTEvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIwMGE4MzQ3ZmFiMjEwODliIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43MmE0YTlmZTViOTQ4ZjA2LjE2NjkxMzAzOTI0MTMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
IP 143.204.55.125:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTAwNjAwODc3NS4xNjY5MTMwMzkyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTguMCJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8xOTcuMTEvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIwMGE4MzQ3ZmFiMjEwODliIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43MmE0YTlmZTViOTQ4ZjA2LjE2NjkxMzAzOTI0MTMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1
Host: tr-rc.lfeeder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
server: CloudFront
date: Tue, 22 Nov 2022 15:19:52 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y3CtXI4n-887-77beziAgqlrzT7mMQF8Mg2T5eyH60zx16wGeM6DlA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5723
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:19:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5723
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:19:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5723
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:19:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:58:29 GMT
age: 62483
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nwXP5jm9A2Cl3_-Lm194ycXkeClig1L9hwgUgE8i8NF-Vv2gNfj_4Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 15:03:51 GMT
age: 961
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5723
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:19:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bmrDryUp_4bvIikGkppa36e9isEfvK0gjunV6xmU5ApJtxlLR_GYkA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:05:18 GMT
age: 62074
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 472ceca597feefba355fbd65998977b7
f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a
e201f706ba38f04ef07d74a67eec187ad8b882027b96b0e4e700162f96da422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7751
x-amzn-requestid: 577947ab-4fbe-4b07-944a-2b65cf5ed6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4UE9GJ9IAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63799a1f-1a26961e20c88cd54a613ddb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QB2RJo7NR7FMDRC7fC9eLMW99KR7andopIeu4qi0yp_tihE0vtpkXw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 04:49:03 GMT
age: 37849
etag: "f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t.adcell.com/js/trad.js
185.5.82.77200 OK 28 kB IP 185.5.82.77:0
Hash a34cc984e8751c76f0d832d143c98a8e
ff151ae29bd3b993c58c48c99e45be4fe5043b41
0141959f738b38f6d104703944d1dd2cba80dc12fa7c61ed128fde22ddcc17a1
GET /js/trad.js HTTP/1.1
Host: t.adcell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: myracloud
date: Tue, 22 Nov 2022 15:19:52 GMT
content-type: text/javascript
strict-transport-security: max-age=15768000
content-encoding: gzip
vary: accept-encoding
expires: Tue, 22 Nov 2022 15:34:40 GMT
cache-control: max-age=900
etag: "myra-2731217b"
x-cdn: 1
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sBNLrVAl4G6pJ-OBZ6aJZC64MrkkGQdsuZKITQwcqgYgP6-GJiblfA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:59:20 GMT
age: 62433
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1669130392407&aid=a-015g&se=e30&duid=f810f9c9df2c--01gjfys4np9b1qveh32zv8y0hg&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkZXJfX3RpdGxlIGhlYWRlcl9fdGl0bGVfZnJlZSAgaGVhZGVyX190aXRsZV9zbWFsbCI-R2V0IGFudGl2aXJ1cyBwcm90ZWN0aW9u4oCUc2NhbiB5b3VyIE1hYzwvaDE-
3.223.51.75302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669130392407&aid=a-015g&se=e30&duid=f810f9c9df2c--01gjfys4np9b1qveh32zv8y0hg&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkZXJfX3RpdGxlIGhlYWRlcl9fdGl0bGVfZnJlZSAgaGVhZGVyX190aXRsZV9zbWFsbCI-R2V0IGFudGl2aXJ1cyBwcm90ZWN0aW9u4oCUc2NhbiB5b3VyIE1hYzwvaDE-
IP 3.223.51.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1669130392407&aid=a-015g&se=e30&duid=f810f9c9df2c--01gjfys4np9b1qveh32zv8y0hg&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkZXJfX3RpdGxlIGhlYWRlcl9fdGl0bGVfZnJlZSAgaGVhZGVyX190aXRsZV9zbWFsbCI-R2V0IGFudGl2aXJ1cyBwcm90ZWN0aW9u4oCUc2NhbiB5b3VyIE1hYzwvaDE- HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 22 Nov 2022 15:19:53 GMT
content-length: 0
trace-id: 9e5c1c9e45ef6572
vary: Origin
location: /j?dtstmp=1669130392407&aid=a-015g&se=e30&duid=f810f9c9df2c--01gjfys4np9b1qveh32zv8y0hg&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkZXJfX3RpdGxlIGhlYWRlcl9fdGl0bGVfZnJlZSAgaGVhZGVyX190aXRsZV9zbWFsbCI-R2V0IGFudGl2aXJ1cyBwcm90ZWN0aW9u4oCUc2NhbiB5b3VyIE1hYzwvaDE-&n3pc=true
set-cookie: lidid=9efd72e1-fa65-48bf-b14b-43881c13f282; Max-Age=63072000; Expires=Thu, 21 Nov 2024 15:19:53 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1669130392407&aid=a-015g&se=e30&duid=f810f9c9df2c--01gjfys4np9b1qveh32zv8y0hg&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkZXJfX3RpdGxlIGhlYWRlcl9fdGl0bGVfZnJlZSAgaGVhZGVyX190aXRsZV9zbWFsbCI-R2V0IGFudGl2aXJ1cyBwcm90ZWN0aW9u4oCUc2NhbiB5b3VyIE1hYzwvaDE-&n3pc=true
3.223.51.75200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669130392407&aid=a-015g&se=e30&duid=f810f9c9df2c--01gjfys4np9b1qveh32zv8y0hg&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkZXJfX3RpdGxlIGhlYWRlcl9fdGl0bGVfZnJlZSAgaGVhZGVyX190aXRsZV9zbWFsbCI-R2V0IGFudGl2aXJ1cyBwcm90ZWN0aW9u4oCUc2NhbiB5b3VyIE1hYzwvaDE-&n3pc=true
IP 3.223.51.75:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1669130392407&aid=a-015g&se=e30&duid=f810f9c9df2c--01gjfys4np9b1qveh32zv8y0hg&tna=v2.5.1&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkZXJfX3RpdGxlIGhlYWRlcl9fdGl0bGVfZnJlZSAgaGVhZGVyX190aXRsZV9zbWFsbCI-R2V0IGFudGl2aXJ1cyBwcm90ZWN0aW9u4oCUc2NhbiB5b3VyIE1hYzwvaDE-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:19:53 GMT
content-type: application/json
content-length: 13
trace-id: e2fd1d52a57ee815
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 4a694183-dab6-4761-8da8-7118359c5264
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png
54.230.111.123200 OK 407 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png
IP 54.230.111.123:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 471c1c90d41a571f14162d7a8a9c8b9c
b08dfa2783c706945451a8f4890bdb9243936e78
eb625a455a490292aa2a7101dd7b3235bc4c92df0f08349c6663df51b7b66c27
GET /mk-land/dist/images/favicon_ua.png HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 407
date: Mon, 21 Nov 2022 05:41:14 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Apr 2022 09:52:27 GMT
etag: "471c1c90d41a571f14162d7a8a9c8b9c"
cache-control: public, max-age=604800
x-amz-version-id: fOjB1uVWJszrafJRMb0A4UZGtOA62i.I
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JNStIACtSkObhv07d089xKtpIG3iefcI7WZqpDwMyyOSYrN1rxM0pA==
age: 121120
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W>m=2oeb90&_p=2036883199&_gaz=1&cid=1006008775.1669130392&ul=en-us&sr=1280x1024&_s=1&sid=1669130392&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W>m=2oeb90&_p=2036883199&_gaz=1&cid=1006008775.1669130392&ul=en-us&sr=1280x1024&_s=1&sid=1669130392&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GYTXD89N1W>m=2oeb90&_p=2036883199&_gaz=1&cid=1006008775.1669130392&ul=en-us&sr=1280x1024&_s=1&sid=1669130392&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Tue, 22 Nov 2022 15:19:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 22 Nov 2022 15:39:53 GMT
Date: Tue, 22 Nov 2022 15:19:53 GMT
Content-Length: 5276
Connection: keep-alive
app2.mackeeperaff.com/land/197.11/
34.203.24.156200 OK 7.9 kB URL HTTP/2 app2.mackeeperaff.com/land/197.11/
IP 34.203.24.156:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12961), with CRLF, LF line terminators
Hash 82500bcc612432ac0a1d835bedd627be
3edd513b04181243557d3ea1391f4314b18c4aaf
c3da760825a57deafa527078126e9f088403d4c45f6cb2480e09596f61299472
Analyzer Verdict Alert quad9 Sinkholed
GET /land/197.11/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:19:51 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src 'self' *.hotjar.com *.mackeeper.com;frame-ancestors 'none';frame-src 'self' 'unsafe-inline' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.surveygizmo.com *.liadm.com *.typeform.com mc.yandex.ru *.js.ad-score.com *.cdn.onesignal.com *.onesignal.com *.criteo.com static-cdn.mackeeper.com;child-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com blob: *.cdn.onesignal.com *.onesignal.com *.liadm.com static-cdn.mackeeper.com;form-action 'self' *.mackeeper.com *.facebook.com;img-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gp *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.nf *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tk *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com data: *.2mdn.net *.pagead2.googlesyndication.com *.glotgrx.com *.lporirxe.com *.exelator.com *.owox.com *.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.yahoo.co.jp *.apimzb-adserver.cloudmccloud.com *.3lift.com *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com mc.yandex.ru cx.atdmt.com *.baidu.com *.gstatstrk.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.zoomsupport.com *.cloudmccloud.com linkconnector.com *.linkconnector.com *.linkedin.com https://p.adsymptotic.com *.clarity.ms *.lfeeder.com static-cdn.mackeeper.com *.imcounting.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com l2.io *.inspectlet.com *.googlesyndication.com *.sagetrc.com *.glotgrx.com *.lporirxe.com b-code.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.cloudfront.net *.yimg.jp *.addtocalendar.com *.yahoo.co.jp blob: *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com *.s.ytimg.com *.typeform.com *.calendly.com *.linkconnector.com mc.yandex.ru *.js.ad-score.com *.baidu.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.engine.4dsply.com *.engine.spotscenered.info *.engine.3dspk.com *.we3red.com *.engine.asadap.com *.engine.nictelroalps.com *.engine.liondigitalserving.com *.engine.addroplet.com *.beritapria.com cdnjs.cloudflare.com *.clickcease.com *.sentry-cdn.com *.criteo.net *.criteo.com https://snpa.licdn.com linkconnector.com *.dwin1.com *.awin1.com *.zenaps.com *.the.sciencebehindecommerce.com *.licdn.com *.liadm.com *.clarity.ms *.adcell.com *.lfeeder.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.a.disquscdn.com *.disqus.com *.googleapis.com *.fonts.gstatic.com *.referrer.disqus.com *.google.com *.google.com.ua *.addtocalendar.com *.surveygizmo.com *.cdn.onesignal.com *.onesignal.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com *.googletagmanager.com;font-src 'self' data: *.doubleclick.net *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com *.surveygizmo.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;object-src *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.pagead2.googlesyndication.com *.liadm.com static-cdn.mackeeper.com;connect-src 'self' *.mackeeper.com *.hotjar.com ws://*.hotjar.com wss://*.hotjar.com *.g.doubleclick.net *.lcidc.liadm.com *.google-analytics.com *.api.ipify.org *.mc.yandex.ru mc.yandex.ru *.data.ad-score.com *.baidu.com *.pushdata.onesignal.com:* *.onesignal.com *.taboola.com *.hotjar.io *.clickcease.com s.yimg.com *.facebook.com *.google.com bat.bing.com sentry.cloudmccloud.com *.liadm.com *.macupdate.com https://api.account.mackeeper.com https://api.account.sz.mackeeper.com https://api-ne.mackeeper.com *.adcell.com *.clarity.ms *.lfeeder.com *.static-cdn.mackeeper.com https://crm.account.mackeeper.com https://chat-crm.account.mackeeper.com static-cdn.mackeeper.com https://cdn.linkedin.oribi.io/
set-cookie: XSRF-TOKEN=eyJpdiI6IkdvWVI2dnVhNWJibm5rNG9MMUlWUVE9PSIsInZhbHVlIjoiN1hsQnBjblpLRVZEUXpBV3QzVXBacG5WeXltNkRhaXJaS29jQnhuSGg0clYyNGFOOEZmNkpEYUpGTTJ0NWhhb3M3Z0RuSmNZU3RzRW1PYVQrWUtnSFRab3dzSm1OUExkZTYrVGJGY2RhQlFDNWZTTmpzR2k3dFpzZklkVmF6dmIiLCJtYWMiOiJjMzZlMDZkODNlMGE3ZDk3NGQ5NmVjZTZkMjNmZjEwMzhjMDAzZTAzNmUxNjFmYWYzNTIxYTE4MmNiNzA0NWQyIn0%3D; expires=Tue, 22-Nov-2022 17:19:51 GMT; Max-Age=7200; path=/; secure; samesite=lax
mackeeper_session=eyJpdiI6IlhJYlAwUVlUamN4bXRja2Z2WlJsT0E9PSIsInZhbHVlIjoiQXZzTllMT0RPWVNaclhVMkZkU1FZZzhEdm1HRFZSVmxneVI4QW1wendEcTJiejZ2eUJzXC81eDNOSzRZODk2aGhcL082cVVWbWRrWmFwcEZLa2VTXC9YZmpxeGFpZldaanZKRURJRmd3SXlZUUkwQmZQc05aSWl5VDdidGZPTDd3Tk8iLCJtYWMiOiIzNTM2MjdkMWFlYjM1NjdiZDFkNTk0MTgxMzNmMjc1NWUxMmZhYmZkZWFiMjExYzA4MDAyNjBkODZiMDg2NTQyIn0%3D; expires=Tue, 22-Nov-2022 17:19:51 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
country=NO; expires=Sun, 21-May-2023 15:19:51 GMT; Max-Age=15552000; path=/; domain=.mackeeper.com; secure; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: cf49849f6d1f7e71da5348d3c8a771f5
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=3486D87971396CA809D3CA1D706E6D82; domain=.bing.com; expires=Sun, 17-Dec-2023 15:19:53 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4563293EA59A4F50B2E9D9B63CD3CD1F Ref B: OSL30EDGE0419 Ref C: 2022-11-22T15:19:53Z
date: Tue, 22 Nov 2022 15:19:53 GMT
X-Firefox-Spdy: h2
www.dwin1.com/23738.js
143.204.55.32200 OK 8.8 kB IP 143.204.55.32:0
Hash ccaeb86e238f8e48ed280cfa3893a141
dd5c44283a33be7ecf1bb12784367f7c79f94637
7a8349e5d55c3dd956838fa9f03bcfa2b9c6f918faa0d04888ce8fd39b89b387
GET /23738.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Nov 2022 01:01:46 GMT
x-amz-version-id: 0uegheH4XCK.kmhHWkbYthnbd2Uc3dUA
server: AmazonS3
content-encoding: gzip
date: Tue, 22 Nov 2022 15:15:48 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"91fc23aa2a18949b2feabfe01e397134"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2GVKlad7D7AwkDAeh2XovVJYmFtrfNnQ1tvkv5mK9yy6lcL2LuWkvw==
age: 363
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fab2cb3bd48a955d89176110d75459e4
8e642591b32f0095b8302d23b2aa3d4849352c56
71e3ae0dd72335874bd1e42e216d72a6185fb21786e55efbf3012ee0094692a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1006008775.1669130392>m=2oeb90&aip=1
142.251.1.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1006008775.1669130392>m=2oeb90&aip=1
IP 142.251.1.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GYTXD89N1W&cid=1006008775.1669130392>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Tue, 22 Nov 2022 15:19:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1006008775.1669130392>m=2oeb90&aip=1&z=1614168022
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1006008775.1669130392>m=2oeb90&aip=1&z=1614168022
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1006008775.1669130392>m=2oeb90&aip=1&z=1614168022 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 15:19:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.206200 OK 5.9 kB IP 188.125.94.206:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HDkZR0yUGLefKWkiWEZPsS+7eb+A5oX+2CFUsXNmhA+SVDtMdkBwyQ6kog8MAsIbf5hjiXAJQLM=
x-amz-request-id: MR16HTKS5R3WJ4YA
date: Tue, 22 Nov 2022 15:11:39 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 495
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1212352/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1212352/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58475)
Hash 29f6fa4962ac61eeb96c54c9650a8e03
a2de4184ff8be3f3ed71ef687c2ddf9c30d1f47b
94a2f04afa3ec762db815648583e53030341e051b814a12597f31f8712a5a7a4
GET /libtrc/unip/1212352/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7G3IXx/HlKbx+wTh5Xnt2vmjO80jWGrlGacFGsVN5dv8oYrLmp4JAC4GrxRk/Zl9W80tHOrPT+A=
x-amz-request-id: XKTWG0MR8BREEW73
x-amz-replication-status: PENDING
last-modified: Sun, 20 Nov 2022 11:03:07 GMT
etag: "0f02997d752b67b12d2ea99a5e1e976e"
x-amz-version-id: cVW03nXWp2VmIc9ebGYkLA5skgLN0zKQ
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 15:19:53 GMT
via: 1.1 varnish
age: 39
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669130393.397341,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 55
content-length: 17934
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72d50acad831beb6384250b4be217004
4c63b5d7120df90dce65d1d9a449e0779916cd86
948ea04f802c71a04d3a7f3e5a056b195b99d7e4b346b1b2e8afb53fd537b642
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6071
Cache-Control: max-age=123394
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Etag: "637c0fe4-1d7"
Expires: Thu, 24 Nov 2022 01:36:27 GMT
Last-Modified: Mon, 21 Nov 2022 23:55:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
app2.mackeeperaff.com/land/api/send-event
34.203.24.156200 OK 101 B URL HTTP/2 app2.mackeeperaff.com/land/api/send-event
IP 34.203.24.156:0
Hash c1bcb881d5ed13078c01ad26966ff42b
6590c3e7e8eb1e5cff6c4fce2a7fbf260a41651c
c53ffaadab7b0d84c829e1271f50681b686ac1a282dccf4831f119486aa33779
Analyzer Verdict Alert quad9 Sinkholed
POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: dVB0MD7wJHnVGVn4Xapvfjbn3i0q1b5t00K5YYSR
X-XSRF-TOKEN: eyJpdiI6IkdvWVI2dnVhNWJibm5rNG9MMUlWUVE9PSIsInZhbHVlIjoiN1hsQnBjblpLRVZEUXpBV3QzVXBacG5WeXltNkRhaXJaS29jQnhuSGg0clYyNGFOOEZmNkpEYUpGTTJ0NWhhb3M3Z0RuSmNZU3RzRW1PYVQrWUtnSFRab3dzSm1OUExkZTYrVGJGY2RhQlFDNWZTTmpzR2k3dFpzZklkVmF6dmIiLCJtYWMiOiJjMzZlMDZkODNlMGE3ZDk3NGQ5NmVjZTZkMjNmZjEwMzhjMDAzZTAzNmUxNjFmYWYzNTIxYTE4MmNiNzA0NWQyIn0=
Content-Length: 105
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/197.11/
Cookie: XSRF-TOKEN=eyJpdiI6IkdvWVI2dnVhNWJibm5rNG9MMUlWUVE9PSIsInZhbHVlIjoiN1hsQnBjblpLRVZEUXpBV3QzVXBacG5WeXltNkRhaXJaS29jQnhuSGg0clYyNGFOOEZmNkpEYUpGTTJ0NWhhb3M3Z0RuSmNZU3RzRW1PYVQrWUtnSFRab3dzSm1OUExkZTYrVGJGY2RhQlFDNWZTTmpzR2k3dFpzZklkVmF6dmIiLCJtYWMiOiJjMzZlMDZkODNlMGE3ZDk3NGQ5NmVjZTZkMjNmZjEwMzhjMDAzZTAzNmUxNjFmYWYzNTIxYTE4MmNiNzA0NWQyIn0%3D; mackeeper_session=eyJpdiI6IlhJYlAwUVlUamN4bXRja2Z2WlJsT0E9PSIsInZhbHVlIjoiQXZzTllMT0RPWVNaclhVMkZkU1FZZzhEdm1HRFZSVmxneVI4QW1wendEcTJiejZ2eUJzXC81eDNOSzRZODk2aGhcL082cVVWbWRrWmFwcEZLa2VTXC9YZmpxeGFpZldaanZKRURJRmd3SXlZUUkwQmZQc05aSWl5VDdidGZPTDd3Tk8iLCJtYWMiOiIzNTM2MjdkMWFlYjM1NjdiZDFkNTk0MTgxMzNmMjc1NWUxMmZhYmZkZWFiMjExYzA4MDAyNjBkODZiMDg2NTQyIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:19:53 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 179
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 81e6c4489e961bfc4b635faae5603b48
X-Firefox-Spdy: h2
app2.mackeeperaff.com/land/api/send-event
34.203.24.156200 OK 966 B URL HTTP/2 app2.mackeeperaff.com/land/api/send-event
IP 34.203.24.156:0
Hash 55319bd44d4f30fc2747c162bf0fc614
c911705925a993286cd3f90285967310fdd69a37
0bb6ff725ad20056570af276e514e2edc7d2416b3f8928b36486f9762537a551
Analyzer Verdict Alert quad9 Sinkholed
POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: dVB0MD7wJHnVGVn4Xapvfjbn3i0q1b5t00K5YYSR
X-XSRF-TOKEN: eyJpdiI6IkdvWVI2dnVhNWJibm5rNG9MMUlWUVE9PSIsInZhbHVlIjoiN1hsQnBjblpLRVZEUXpBV3QzVXBacG5WeXltNkRhaXJaS29jQnhuSGg0clYyNGFOOEZmNkpEYUpGTTJ0NWhhb3M3Z0RuSmNZU3RzRW1PYVQrWUtnSFRab3dzSm1OUExkZTYrVGJGY2RhQlFDNWZTTmpzR2k3dFpzZklkVmF6dmIiLCJtYWMiOiJjMzZlMDZkODNlMGE3ZDk3NGQ5NmVjZTZkMjNmZjEwMzhjMDAzZTAzNmUxNjFmYWYzNTIxYTE4MmNiNzA0NWQyIn0=
Content-Length: 107
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/197.11/
Cookie: XSRF-TOKEN=eyJpdiI6IkdvWVI2dnVhNWJibm5rNG9MMUlWUVE9PSIsInZhbHVlIjoiN1hsQnBjblpLRVZEUXpBV3QzVXBacG5WeXltNkRhaXJaS29jQnhuSGg0clYyNGFOOEZmNkpEYUpGTTJ0NWhhb3M3Z0RuSmNZU3RzRW1PYVQrWUtnSFRab3dzSm1OUExkZTYrVGJGY2RhQlFDNWZTTmpzR2k3dFpzZklkVmF6dmIiLCJtYWMiOiJjMzZlMDZkODNlMGE3ZDk3NGQ5NmVjZTZkMjNmZjEwMzhjMDAzZTAzNmUxNjFmYWYzNTIxYTE4MmNiNzA0NWQyIn0%3D; mackeeper_session=eyJpdiI6IlhJYlAwUVlUamN4bXRja2Z2WlJsT0E9PSIsInZhbHVlIjoiQXZzTllMT0RPWVNaclhVMkZkU1FZZzhEdm1HRFZSVmxneVI4QW1wendEcTJiejZ2eUJzXC81eDNOSzRZODk2aGhcL082cVVWbWRrWmFwcEZLa2VTXC9YZmpxeGFpZldaanZKRURJRmd3SXlZUUkwQmZQc05aSWl5VDdidGZPTDd3Tk8iLCJtYWMiOiIzNTM2MjdkMWFlYjM1NjdiZDFkNTk0MTgxMzNmMjc1NWUxMmZhYmZkZWFiMjExYzA4MDAyNjBkODZiMDg2NTQyIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:19:52 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 179
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: e5c382c46a61e482cfa87e12e2bf18b6
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH
142.250.74.174200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH
IP 142.250.74.174:0
File type ASCII text, with very long lines (1921)
Hash 26a56d34967429ddb959f0fd3ac9c513
b0206dc262fabb7fd46966dfc4e5a9706bdec7d3
d15c0dffd51bfe53bd0c3f0efd885af721b0f9d380118b3244d11f5a360ea802
GET /gtm/optimize.js?id=OPT-TVNW4WH HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Nov 2022 15:19:53 GMT
expires: Tue, 22 Nov 2022 15:19:53 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1010020041/?random=1669130392069&cv=11&fst=1669130392069&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1661116182.1669130392&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1010020041/?random=1669130392069&cv=11&fst=1669130392069&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1661116182.1669130392&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1010020041/?random=1669130392069&cv=11&fst=1669130392069&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1661116182.1669130392&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 15:19:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1010020041/?random=1669130392069&cv=11&fst=1669130392069&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9Uq1COfCvoMDEMndzuED&hn=www.google.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&tiba=MacKeeper&value=0&bttype=purchase&auid=1661116182.1669130392&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app2.mackeeperaff.com/land/api/send-event
34.203.24.156200 OK 923 B URL HTTP/2 app2.mackeeperaff.com/land/api/send-event
IP 34.203.24.156:0
Hash 7d5ff1acd5a02dc3051119766c1b1edb
cb4d4fffc12778b8548da5d07cd4ed26d48f5080
3c85afe0de721d8935165ba300e613a38e2ed8b1c3035609cb24c4fa478404f1
Analyzer Verdict Alert quad9 Sinkholed
POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: dVB0MD7wJHnVGVn4Xapvfjbn3i0q1b5t00K5YYSR
X-XSRF-TOKEN: eyJpdiI6IkdvWVI2dnVhNWJibm5rNG9MMUlWUVE9PSIsInZhbHVlIjoiN1hsQnBjblpLRVZEUXpBV3QzVXBacG5WeXltNkRhaXJaS29jQnhuSGg0clYyNGFOOEZmNkpEYUpGTTJ0NWhhb3M3Z0RuSmNZU3RzRW1PYVQrWUtnSFRab3dzSm1OUExkZTYrVGJGY2RhQlFDNWZTTmpzR2k3dFpzZklkVmF6dmIiLCJtYWMiOiJjMzZlMDZkODNlMGE3ZDk3NGQ5NmVjZTZkMjNmZjEwMzhjMDAzZTAzNmUxNjFmYWYzNTIxYTE4MmNiNzA0NWQyIn0=
Content-Length: 106
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/197.11/
Cookie: XSRF-TOKEN=eyJpdiI6IkdvWVI2dnVhNWJibm5rNG9MMUlWUVE9PSIsInZhbHVlIjoiN1hsQnBjblpLRVZEUXpBV3QzVXBacG5WeXltNkRhaXJaS29jQnhuSGg0clYyNGFOOEZmNkpEYUpGTTJ0NWhhb3M3Z0RuSmNZU3RzRW1PYVQrWUtnSFRab3dzSm1OUExkZTYrVGJGY2RhQlFDNWZTTmpzR2k3dFpzZklkVmF6dmIiLCJtYWMiOiJjMzZlMDZkODNlMGE3ZDk3NGQ5NmVjZTZkMjNmZjEwMzhjMDAzZTAzNmUxNjFmYWYzNTIxYTE4MmNiNzA0NWQyIn0%3D; mackeeper_session=eyJpdiI6IlhJYlAwUVlUamN4bXRja2Z2WlJsT0E9PSIsInZhbHVlIjoiQXZzTllMT0RPWVNaclhVMkZkU1FZZzhEdm1HRFZSVmxneVI4QW1wendEcTJiejZ2eUJzXC81eDNOSzRZODk2aGhcL082cVVWbWRrWmFwcEZLa2VTXC9YZmpxeGFpZldaanZKRURJRmd3SXlZUUkwQmZQc05aSWl5VDdidGZPTDd3Tk8iLCJtYWMiOiIzNTM2MjdkMWFlYjM1NjdiZDFkNTk0MTgxMzNmMjc1NWUxMmZhYmZkZWFiMjExYzA4MDAyNjBkODZiMDg2NTQyIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:19:52 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 178
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: e9bd36cb50f4cd2aa4e5a10561768f01
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
54.230.111.8200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/3865705/domain/app2.mackeeperaff.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://app2.mackeeperaff.com/
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Tue, 22 Nov 2022 05:45:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1YVivcc_8TKJ-ALw9i-wtcrvgHeaAh1teO7bAznCy-Fvg-O9V8UcOg==
age: 34455
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf
54.230.111.123200 OK 55 kB URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf
IP 54.230.111.123:0
Hash 13fc9e934b0f69c2dce1761ab6f9ec69
6850554ec5e889d7f9a94b09066495b9ffbd55f1
312918610d62175dca243c83a90eb5a014238d9edef0ed694aec26a5813418dd
GET /mk-land/dist/fonts/MarkOT-Light.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
x-amz-version-id: 0k6awkdioEQDqMMUsMLLZL0d1S0LNdte
server: AmazonS3
content-encoding: gzip
date: Thu, 17 Nov 2022 21:26:06 GMT
cache-control: public, max-age=604800
etag: W/"48dd0f49a4207634e9062def9074a038"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R_hLN8uoRqyxWFjC5gIMM5tQvWsY-UoP24XEhK39g84PqLmzIcwjSA==
age: 410027
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1669130392066&cv=11&fst=1669130392066&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&tiba=MacKeeper&auid=1661116182.1669130392&rfmt=3&fmt=4
142.250.74.98200 OK 863 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1669130392066&cv=11&fst=1669130392066&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&tiba=MacKeeper&auid=1661116182.1669130392&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (1799), with no line terminators
Hash 22f20ead811e8b6a9921dd14db74810d
2fa6fe425495b510d4e8d4621b65376006f0d0bf
1b458c4362bb122a269a63237a1246172b622e62d58d3021702f5fc453872be2
GET /pagead/viewthroughconversion/957119846/?random=1669130392066&cv=11&fst=1669130392066&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&tiba=MacKeeper&auid=1661116182.1669130392&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 15:19:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 863
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 22-Nov-2022 15:34:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: dhrbVal3WrBKT+3x8wrEwZ/JexR2x0IsdJZw4YJTP/wq7z9aGR7s3xPILBHa/IkG1b3ZsKIWGVA8zr/zCfa4Aw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Tue, 22 Nov 2022 15:19:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
143.204.55.20200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KEiWtVcbA_Wqg8DgnVWvEOraIYL7br4HntyQGcKeb98f8kgLNQ0LnA==
age: 1565867
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9ef11a2d1e232b4b45e40ff0c29fa8b0
0966963f13e3b149e3e3c8c2c81e7986d1d8a07b
9ce8b9ab5f1dfdc0686d1660ed64c6eff5cc3d1492d82aa769ac58e3a159dd1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72d50acad831beb6384250b4be217004
4c63b5d7120df90dce65d1d9a449e0779916cd86
948ea04f802c71a04d3a7f3e5a056b195b99d7e4b346b1b2e8afb53fd537b642
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6071
Cache-Control: max-age=123394
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Etag: "637c0fe4-1d7"
Expires: Thu, 24 Nov 2022 01:36:27 GMT
Last-Modified: Mon, 21 Nov 2022 23:55:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0297c26dd85ac836c9ee4b0d8dc86452
3123acd6ec5a63ed7d2e9f7c853ef8ba77aa2496
b7874e5ad214b9e945f614fdb85df2b4677903e2432da39739ce365af34f4263
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4188
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Last-Modified: Tue, 22 Nov 2022 14:10:05 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0297c26dd85ac836c9ee4b0d8dc86452
3123acd6ec5a63ed7d2e9f7c853ef8ba77aa2496
b7874e5ad214b9e945f614fdb85df2b4677903e2432da39739ce365af34f4263
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5959
Cache-Control: max-age=113558
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:19:53 GMT
Etag: "637be9e8-1d7"
Expires: Wed, 23 Nov 2022 22:52:31 GMT
Last-Modified: Mon, 21 Nov 2022 21:13:12 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
bat.bing.com/action/0?ti=36002432&Ver=2&mid=2cd9d4a5-dfd5-49c2-b750-e245345957bd&sid=1d31c7006a7911edb9d759a8dd90541c&vid=1d31e8306a7911ed9f4c49a116a94051&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&r=<=1917&evt=pageLoad&sv=1&rn=298462
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=36002432&Ver=2&mid=2cd9d4a5-dfd5-49c2-b750-e245345957bd&sid=1d31c7006a7911edb9d759a8dd90541c&vid=1d31e8306a7911ed9f4c49a116a94051&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&r=<=1917&evt=pageLoad&sv=1&rn=298462
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=36002432&Ver=2&mid=2cd9d4a5-dfd5-49c2-b750-e245345957bd&sid=1d31c7006a7911edb9d759a8dd90541c&vid=1d31e8306a7911ed9f4c49a116a94051&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&r=<=1917&evt=pageLoad&sv=1&rn=298462 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2D6B89D835156E4216179BBC34426F3B; domain=.bing.com; expires=Sun, 17-Dec-2023 15:19:53 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC7AD5587BE84DC08D63F5FB2D56B6B6 Ref B: OSL30EDGE0419 Ref C: 2022-11-22T15:19:53Z
date: Tue, 22 Nov 2022 15:19:53 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=36002432&Ver=2&mid=2cd9d4a5-dfd5-49c2-b750-e245345957bd&sid=1d31c7006a7911edb9d759a8dd90541c&vid=1d31e8306a7911ed9f4c49a116a94051&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=98753
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=36002432&Ver=2&mid=2cd9d4a5-dfd5-49c2-b750-e245345957bd&sid=1d31c7006a7911edb9d759a8dd90541c&vid=1d31e8306a7911ed9f4c49a116a94051&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=98753
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=36002432&Ver=2&mid=2cd9d4a5-dfd5-49c2-b750-e245345957bd&sid=1d31c7006a7911edb9d759a8dd90541c&vid=1d31e8306a7911ed9f4c49a116a94051&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=98753 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=12551B4D837B6FA10E870929822C6E3B; domain=.bing.com; expires=Sun, 17-Dec-2023 15:19:53 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4128E35ED285413DA81AAACA57C3400C Ref B: OSL30EDGE0419 Ref C: 2022-11-22T15:19:53Z
date: Tue, 22 Nov 2022 15:19:53 GMT
X-Firefox-Spdy: h2
script.hotjar.com/modules.55241fd65a1af5a1837b.js
143.204.55.46200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.55241fd65a1af5a1837b.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 5f82b1a8e62b6a241154cb066c4d1ad8
942982f722f180cb3eac787f0f5edb1f3927696a
36a9999c741ee16ea1337a713b13a62f7e368a437ebe9581c487d42b7c7fe50b
GET /modules.55241fd65a1af5a1837b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68617
date: Thu, 17 Nov 2022 11:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QQjf-rb1h8ut0lvi9rjd8-ilFZu-e6zKWKdYr0qugcO7XzxG3XB14A==
age: 447227
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949
70.42.32.63200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 15:19:53 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 75f32bd8a42acd734b141c126ed28cb0
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&optOut=false&bust=05927578333620099&referrer=
70.42.32.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&optOut=false&bust=05927578333620099&referrer=
IP 70.42.32.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=005ba92794eafc10da81bd91da6dc1a949&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&optOut=false&bust=05927578333620099&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 15:19:53 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 470a070d05ba6f8d04b5282052c26fed
content-encoding: gzip
bat.bing.com/p/action/36002432.js
13.107.21.200200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/36002432.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash af03844de699f6e7e0ed552f725a22df
10eae56beeacb28641d52a664eccaf4818bad5fe
472f9e0968b39c41aa022478f9d20e01e5131d6bd50451676cefad81427420ac
GET /p/action/36002432.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1423
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=33E158B3EC6F6A5D23C24AD7ED386B1E; domain=.bing.com; expires=Sun, 17-Dec-2023 15:19:53 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9D7CFB2755E449D8083A7CE545B9FF4 Ref B: OSL30EDGE0419 Ref C: 2022-11-22T15:19:53Z
date: Tue, 22 Nov 2022 15:19:53 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1669130393145&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1669130393145&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3865705&time=1669130393145&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1669130393145%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F197.11%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKa2vJFjBRqPwAAAYSf7JjxyRsqZ-ugGh-LPQuEn7wrxwZY04xEAi9L7aPO_vqw-w1MogvjFjgj-w; Max-Age=2592000; Expires=Thu, 22 Dec 2022 15:19:53 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKnBZRxew5CnwAAAYSf7JjxgrUeiA0Rtb2xPkgaPlJjldnWdiStUKIFtdVBC3Z_dAcH5TsNhMdPqGGrW3SgmA; Max-Age=2592000; Expires=Thu, 22 Dec 2022 15:19:53 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&fb3ef64b-f0ac-41f6-81b9-4e651e7ee0de"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 22-Nov-2023 15:19:53 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2435:u=1:x=1:i=1669130393:t=1669216793:v=2:sig=AQHWbmQXOfb8rAtYLS14U6qU9xpgpy93"; Expires=Wed, 23 Nov 2022 15:19:53 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXuELQ1P/qsaYDoE8lUVA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 400D4AA5693F40B29BF05E889B6ED4EE Ref B: OSL30EDGE0317 Ref C: 2022-11-22T15:19:53Z
date: Tue, 22 Nov 2022 15:19:53 GMT
content-length: 0
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10013499.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10013499.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10013499.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: YCZFKSR7GKVVFK7P
x-amz-id-2: j88utaZcfq1DB8sT6657NPIb3uFO3KtajE6q/QwpyxlkHoMpWE9AbBYdJrXWKVCuZcDZrOCDLzI=
content-type: application/json
date: Tue, 22 Nov 2022 15:19:53 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 3
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&rl=&if=false&ts=1669130393658&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669130393657.1884379928&it=1669130393391&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&rl=&if=false&ts=1669130393658&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669130393657.1884379928&it=1669130393391&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&rl=&if=false&ts=1669130393658&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669130393657.1884379928&it=1669130393391&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Nov 2022 15:19:54 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1669130393145%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F197.11%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1669130393145%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F197.11%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1669130393145%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F197.11%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1669130393145&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&9515bf60-6c71-40ad-87bb-ade3b4a0accd"; Domain=.linkedin.com; Expires=Wed, 22-Nov-2023 15:19:54 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221122151954ef39c0ad-b08e-4b1a-8873-f561fb948cc8AQHLaKGZvT3sQMrSwJYGxuuQbygZI3CO"; Domain=.www.linkedin.com; Expires=Wed, 22-Nov-2023 15:19:54 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjkxMzAzOTQ7MjswMjFdiRQv/KxAokaGqwlg77PSR8dFYpVooZRSHmR/yK1JZg==; Domain=.linkedin.com; Expires=Sun, 21 May 2023 15:19:54 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2377:u=1:x=1:i=1669130394:t=1669216794:v=2:sig=AQF-s4wSns71zRlaRl7GoX9cWW_M5Bhe"; Expires=Wed, 23 Nov 2022 15:19:54 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXuELQ5YCgfO4s761veng==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 06F25F8FF60C4D76B275C537F0647212 Ref B: OSL30EDGE0317 Ref C: 2022-11-22T15:19:54Z
date: Tue, 22 Nov 2022 15:19:53 GMT
content-length: 0
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2022%20Nov%202022%2015%3A19%3A53%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2022%20Nov%202022%2015%3A19%3A53%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Tue%2C%2022%20Nov%202022%2015%3A19%3A53%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:19:54 GMT
expires: Tue, 22 Nov 2022 15:19:54 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBJrofGMCEHs6b1wgVYZbfvZPk9rr_IsFEgEBAQE6fmOGYwAAAAAA_eMAAA&S=AQAAAr1YvGsBLBSEqZEmmcOYe6Q; Expires=Wed, 22 Nov 2023 21:19:54 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/36002432
13.107.219.53200 OK 57 kB URL HTTP/2 www.clarity.ms/tag/uet/36002432
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 3f28f6a84045736d41b6d69db3aba66e
b628a1ef3f7e2ad002fc1c9d1cd2a43444a8aa06
78428646d460f135517df68f807171dc70ad82066a0be552384cc5d737eaae26
GET /tag/uet/36002432 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=4b3c51cce1e04f29acfe95ed7814462c.20221122.20231122; expires=Wed, 22 Nov 2023 15:19:54 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0muh8YwAAAACzQ8g0Zj1+SpZ89+OhBPy4T1NMMjMxMDUwMjA1MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Tue, 22 Nov 2022 15:19:53 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&RedC=c.clarity.ms&MXFR=241C083678D96F113EC61A527CD961DA
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=241C083678D96F113EC61A527CD961DA; domain=.clarity.ms; expires=Sun, 17-Dec-2023 15:19:54 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 22 Nov 2022 15:19:54 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&RedC=c.clarity.ms&MXFR=241C083678D96F113EC61A527CD961DA
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&RedC=c.clarity.ms&MXFR=241C083678D96F113EC61A527CD961DA
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&RedC=c.clarity.ms&MXFR=241C083678D96F113EC61A527CD961DA HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&MUID=3A7D2B20DEFC679A0F803944DFAB6644
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3A7D2B20DEFC679A0F803944DFAB6644; domain=c.bing.com; expires=Sun, 17-Dec-2023 15:19:54 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF1E7D20D6DD4C97BBE471324718841F Ref B: OSL30EDGE0419 Ref C: 2022-11-22T15:19:54Z
date: Tue, 22 Nov 2022 15:19:54 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1669130393145&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1669130393145&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3865705&time=1669130393145&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&eefdb03a-e089-41d4-8955-7a33ae9d0ce1"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 22-Nov-2023 15:19:54 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2419:u=1:x=1:i=1669130394:t=1669216794:v=2:sig=AQHxV33FuaG2ewWSOEYmvq3mCjTv-8m5"; Expires=Wed, 23 Nov 2022 15:19:54 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXuELQ8PlF4jJdOFbaI9A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2D77508A25664B459CC7A2FCE848F76E Ref B: OSL30EDGE0317 Ref C: 2022-11-22T15:19:54Z
date: Tue, 22 Nov 2022 15:19:53 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&MUID=3A7D2B20DEFC679A0F803944DFAB6644
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&MUID=3A7D2B20DEFC679A0F803944DFAB6644
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=A5CFB8E72BDF4641888E2BC10CD374BA&MUID=3A7D2B20DEFC679A0F803944DFAB6644 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 22-Nov-2022 15:29:54 GMT; path=/; SameSite=None; Secure;
date: Tue, 22 Nov 2022 15:19:54 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16152
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
date: Tue, 22 Nov 2022 15:19:54 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=64&ssd=1&est=1669130393216&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669130394779&vi=1669130393214&ri=8c56ac86d3af5ea6683d01a4f82210da&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=64&ssd=1&est=1669130393216&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669130394779&vi=1669130393214&ri=8c56ac86d3af5ea6683d01a4f82210da&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1212352/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=64&ssd=1&est=1669130393216&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669130394779&vi=1669130393214&ri=8c56ac86d3af5ea6683d01a4f82210da&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 22 Nov 2022 15:19:55 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=64&ssd=1&est=1669130393216&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669130397781&vi=1669130393214&ri=8c56ac86d3af5ea6683d01a4f82210da&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=64&ssd=1&est=1669130393216&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669130397781&vi=1669130393214&ri=8c56ac86d3af5ea6683d01a4f82210da&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1212352/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=64&ssd=1&est=1669130393216&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669130397781&vi=1669130393214&ri=8c56ac86d3af5ea6683d01a4f82210da&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 22 Nov 2022 15:19:58 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Bold.otf
54.230.111.123200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Bold.otf
IP 54.230.111.123:0
GET /mk-land/dist/fonts/MarkOT-Bold.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:12 GMT
x-amz-version-id: _SyAJ1U0XNp0EgWFZoSm7jR1ZmFIsGhh
server: AmazonS3
content-encoding: gzip
date: Tue, 22 Nov 2022 00:49:29 GMT
cache-control: public, max-age=604800
etag: W/"336e38c18c3ac1666fa496c919b08eca"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2VaBLucwSc2YxQm29-44bQ5BZp53R0-5A-hcTt8RTg7ll3sjOcIgfg==
age: 52224
X-Firefox-Spdy: h2
b-code.liadm.com/a-015g.min.js
143.204.55.129200 OK 0 B URL HTTP/2 b-code.liadm.com/a-015g.min.js
IP 143.204.55.129:0
GET /a-015g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 22 Nov 2022 04:49:18 GMT
cache-control: "public, max-age=86400"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E7c12Fw2EzoMA7UnvUKXXmOl9KUIjM4d4TMeGQ_LBcM56FhHd9gqBw==
age: 37834
X-Firefox-Spdy: h2
trc.taboola.com/1212352/trc/3/json?tim=1669130393229&data=%7B%22id%22%3A109%2C%22ii%22%3A%22%2Fland%2F197.11%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669130393214%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669130393228%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A64%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1212352/trc/3/json?tim=1669130393229&data=%7B%22id%22%3A109%2C%22ii%22%3A%22%2Fland%2F197.11%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669130393214%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669130393228%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A64%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1212352/trc/3/json?tim=1669130393229&data=%7B%22id%22%3A109%2C%22ii%22%3A%22%2Fland%2F197.11%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669130393214%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669130393228%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F197.11%2F%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A64%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 15:19:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669130394.740448,VS0,VE97
vary: Accept-Encoding
x-vcl-time-ms: 97
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf
54.230.111.123200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf
IP 54.230.111.123:0
GET /mk-land/dist/fonts/MarkOT.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
x-amz-version-id: Eju.irxG68JYjYuEi7BGXEsqN0F4MTaA
server: AmazonS3
content-encoding: gzip
date: Sun, 20 Nov 2022 04:28:50 GMT
cache-control: public, max-age=604800
etag: W/"106ae5fa4d0e51fa73ed42c3beecda5e"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8ufypsurK4WKaGofL7aymjOQ3735kvjaOKOSN-G8ULxcSMOd1p_7Gg==
age: 211862
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400
IP 142.250.74.10:0
GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 15:19:51 GMT
date: Tue, 22 Nov 2022 15:19:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js
143.204.55.10200 OK 0 B URL HTTP/2 sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js
IP 143.204.55.10:0
GET /lftracker_v1_ywVkO4XWPeW7Z6Bj.js HTTP/1.1
Host: sc.lfeeder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 07:16:22 GMT
x-amz-version-id: lDy2Z.RLQNoGtb5UZ6mVm3abGgK6xCEP
server: AmazonS3
content-encoding: gzip
date: Tue, 22 Nov 2022 14:38:53 GMT
cache-control: max-age=3600
etag: W/"a40c3b808d81ec85326e1c68aacd9b4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -maBWYhAJAsGkel2GB1Hfa1ZlOv7EytWlo9Eq6w9feO219ybrB88Ng==
age: 2781
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-190484.js?sv=7
143.204.55.84200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-190484.js?sv=7
IP 143.204.55.84:0
GET /c/hotjar-190484.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 15:19:08 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/323b7cc661d51bf244121ab6e3d22318
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Nx0reSlSuKm_8ldgR30l101kfXQAcghGSpYNsAix_g6HRMIWQqLRpg==
age: 45
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
54.230.111.8200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3865705/domain/app2.mackeeperaff.com/token
IP 54.230.111.8:0
GET /partner/3865705/domain/app2.mackeeperaff.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 22 Nov 2022 15:03:26 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ft8nG5qVkAodwANQy_1EgwRS47i60CGHG4qt8-zvkEGyLjEOrav47A==
age: 987
X-Firefox-Spdy: h2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Medium.otf
54.230.111.123200 OK 0 B URL HTTP/2 static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Medium.otf
IP 54.230.111.123:0
GET /mk-land/dist/fonts/MarkOT-Medium.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:12 GMT
x-amz-version-id: adnRDSe0awZldw3c8I6M4tTQa_wDyvz_
server: AmazonS3
content-encoding: gzip
date: Sun, 20 Nov 2022 01:55:28 GMT
cache-control: public, max-age=604800
etag: W/"44a8a536b53be74bb2ebfc4fa3403364"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K8D5FqujtZrpU5kTahObvDxLL7HyjPBg55DWEmTWjLBz2y5rfJNHZQ==
age: 221065
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 15:19:51 GMT
date: Tue, 22 Nov 2022 15:19:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2