Report - app2.mackeeperaff.com/land/225/

Report Overview

Submitted URL
app2.mackeeperaff.com/land/225/
IP
3.225.159.165
ASN
#14618 AMAZON-AES
Submitted
2022-10-20 14:51:39
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	676 B	2.0 kB	143.204.42.165
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	380 B	21 kB	142.250.74.174
vars.hotjar.com	1014	2020-11-05T11:13:14Z	2023-03-09T12:47:31Z	499 B	1.7 kB	143.204.55.105
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-09T08:09:16Z	976 B	2.3 kB	13.107.42.14
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-09T13:41:05Z	3.8 kB	8.6 kB	216.58.211.2
browser.sentry-cdn.com	4393	2018-07-13T13:42:06Z	2023-03-09T05:20:31Z	407 B	52 kB	151.101.66.217
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-09T07:43:12Z	1.1 kB	1.3 kB	173.194.73.154
c.clarity.ms	803	2021-02-04T00:22:47Z	2023-03-09T05:11:02Z	831 B	1.2 kB	20.234.93.27
sp.analytics.yahoo.com	816	2014-01-31T21:48:24Z	2023-03-09T05:28:44Z	548 B	949 B	76.13.32.146
trc-events.taboola.com	1779	2020-06-09T15:52:57Z	2023-03-09T05:14:38Z	1.3 kB	740 B	141.226.228.48
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	621 B	349 B	31.13.72.36
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	52.38.146.2
widget.trustpilot.com	6018	2017-02-01T20:05:34Z	2023-03-09T14:03:32Z	6.1 kB	65 kB	143.204.55.80
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	375 B	95 kB	142.250.74.168
tr-rc.lfeeder.com	unknown	2022-10-20T11:48:08Z	2023-03-09T07:10:40Z	1.1 kB	396 B	143.204.55.34
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-09T05:17:26Z	370 B	3.2 kB	143.204.55.98
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
static-cdn.mackeeper.com	346539	2015-05-14T23:00:40Z	2023-03-09T12:57:38Z	14 kB	379 kB	54.230.111.78
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	65 kB	34.120.237.76
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-09T08:41:37Z	655 B	568 B	216.239.34.36
c.bing.com	247	2012-05-22T12:26:32Z	2023-03-09T05:11:02Z	479 B	795 B	13.107.21.200
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
t.adcell.com	43380	2018-11-13T19:43:50Z	2023-03-09T15:41:37Z	352 B	22 kB	185.5.82.77
www.google.com	7	2015-05-10T13:11:19Z	2023-03-09T13:38:50Z	370 B	16 kB	142.250.74.164
b.clarity.ms	3462	2021-07-27T14:49:08Z	2023-03-09T11:28:47Z	895 B	552 B	20.75.32.255
status.thawte.com	5123	2017-11-27T13:33:51Z	2023-03-09T05:16:09Z	658 B	1.6 kB	93.184.220.29
s.yimg.com	375	2012-05-21T00:45:00Z	2023-03-09T10:56:13Z	747 B	1.6 kB	87.248.119.251
app2.mackeeperaff.com	unknown	2022-06-14T10:53:06Z	2023-03-09T05:09:59Z	4.0 kB	74 kB	3.225.159.165
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	5.3 kB	11 kB	142.250.74.3
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-09T12:14:45Z	336 B	1.9 kB	23.36.79.10
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-09T05:09:57Z	780 B	115 kB	31.13.72.12
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-09T12:40:49Z	378 B	67 kB	143.204.55.40
trc.taboola.com	602	2012-12-27T12:54:42Z	2023-03-09T05:14:36Z	1.2 kB	2.3 kB	151.101.85.44
sc.lfeeder.com	17815	2020-09-08T08:51:01Z	2023-03-09T07:10:39Z	376 B	553 B	143.204.55.84
www.dwin1.com	4572	2012-06-20T09:16:16Z	2023-03-09T05:14:37Z	351 B	690 B	143.204.55.32
in.hotjar.com	1746	2018-10-22T19:15:59Z	2023-03-09T05:17:27Z	483 B	287 B	18.203.27.16
www.clarity.ms	1404	2018-08-22T09:41:57Z	2023-03-09T05:11:00Z	360 B	518 B	13.107.213.53
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	476 B	694 B	142.250.74.3
tr.outbrain.com	2017	2017-04-12T09:58:35Z	2023-03-09T05:17:19Z	404 B	237 B	70.42.32.95
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	2.4 kB	93.184.220.29
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	789 B	6.2 kB	142.250.74.10
rp.liadm.com	2705	2017-02-01T21:43:30Z	2023-03-09T05:27:13Z	602 B	629 B	3.223.51.75
snap.licdn.com	1044	2014-10-06T10:43:45Z	2023-03-09T05:09:14Z	375 B	3.4 kB	23.36.76.210
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-09T05:17:17Z	2.0 kB	16 kB	13.107.21.200
www.linkedin.com	608	2015-06-18T18:10:03Z	2023-03-09T09:57:52Z	590 B	2.9 kB	13.107.42.14
b-code.liadm.com	3597	2016-01-19T11:23:52Z	2023-03-09T07:21:23Z	359 B	403 B	143.204.55.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-20	medium	mackeeperaff.com	Sinkholed
2022-10-20	medium	mackeeperaff.com	Sinkholed
2022-10-20	medium	mackeeperaff.com	Sinkholed
2022-10-20	medium	mackeeperaff.com	Sinkholed

JavaScript (53)

	URL	Size	First Seen	Last Seen
	widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js	19 kB	2023-03-07	2023-11-04
Pretty URL widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-11-04 14:10:25 Times Seen853 Hash 09f25c4b4cb4f5d5bd2bf7adf3235bc0 dbe22054d87d6ef7127d98ceab7650eaa0f6ed68 f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL	291 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 12:01:13 Times Seen1 Hash 2fd5ccb5dc334c14158bfa50300da482 3e4d0747d0b9c332d63068c6f7e0e5a81698628a 155ced3244f181e68b713043bfa567c39a6ecef119641f5a602d60d4df478fbf Loading...

	app2.mackeeperaff.com/land/225/	424 B	2023-03-07	2023-03-17
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-17 12:37:55 Times Seen1 Hash 5347533fb6639394ff649eabf0aefb9e 2fc3d90ff47261a234617d7f5cbe2ac38c2461d2 d746c5cfd5b8336e955aeb9a81cfe0f47a3662706dd314a59d088d2c5fcd71dc Loading...

	app2.mackeeperaff.com/land/225/	588 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash c9d4e5bed7ccc1b03104e2885cf292a3 d2acf0ee9b27f242e70529430ccfd06931ec35df 10206ecb0e2e51bca0336e31650f46fe2e973ad30cf917d95ef0320b9b045237 Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1666277502027&cv=9&fst=1666277502027&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4	2.2 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1666277502027&cv=9&fst=1666277502027&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 12:01:13 Times Seen1 Hash a1d24d23e3361c4149999f0dcb38d2c2 a6f55f6a92545fa55a1e4e4b332e8db3a225f614 ba58dc0057e08f10b9f88d95385de7bc0bb9e1099048770f1e3568f5d3766721 Loading...

	browser.sentry-cdn.com/5.5.0/bundle.min.js	52 kB	2023-03-07	2024-04-25
Pretty URL browser.sentry-cdn.com/5.5.0/bundle.min.js IP 151.101.66.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2024-04-25 07:37:58 Times Seen259 Hash b1dcc6195d84cf50c3e882d3d515f848 06562c193663a31a3cabeaa18cffeb882084fcb6 8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb Loading...

	app2.mackeeperaff.com/land/225/	482 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 72cde6308f914eb45f4db1d7f4b8c045 dda2360daf3ebfd93cb69e4d4099c4293d55f6d4 583225295b0abdd3b443b9b3c61b13a6e4ee78d6c9924cb35b188be2451c7f9d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1666277502028&cv=9&fst=1666277502028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4	2.2 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1666277502028&cv=9&fst=1666277502028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 12:01:13 Times Seen1 Hash 26cb336149e60d1eb8fc39d65721932b e40c65c2e39af59bf1f76ea52c7ff51cd2a70786 b192edc890fe6f5c31894033f42ba838886dc48a6ca742a9aba95c595f25a3ff Loading...

	cdn.taboola.com/libtrc/unip/1212352/tfa.js	58 kB	2023-03-10	2023-03-10
Pretty URL cdn.taboola.com/libtrc/unip/1212352/tfa.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:28:37 Last Seen2023-03-10 13:47:43 Times Seen1 Hash ea377d9f8b8d46eee3622c2781f52028 1ba83b4d34fea0adf046ba55ac782bcc07dc016c 9951dd37b12733ed89c53bfca68924a06779574eef1e62a14fc1dbe187f5a143 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-07	2023-08-25
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-08-25 07:33:07 Times Seen42 Hash 16911c194f6e9313655f07c4eb9d8737 d39ccfa8c6d785af331afafe9e36336031f41b64 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7 Loading...

	app2.mackeeperaff.com/land/225/	699 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 04b294684f6c20245c89a46bcb6245d2 321b532a4969bda37a05bf569229d26507740fc1 22e6130b9d2aa6d60d80b7c6bf137ec4e91479882003576825b5850dba4bd3a0 Loading...

	app2.mackeeperaff.com/land/225/	503 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 841221e1af44bf4cde48359d1083aeee b686d4d0d2c0d88da65327be20abba2a48680c43 4059ef3cc4904376a0bf39a4914976401f93a39c860359f82b1f6f5ae497cad0 Loading...

	app2.mackeeperaff.com/land/225/	337 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 0f66a22815105cf476592582734e3647 13e34f98374041596bc9902b0505cfc4e9de3c18 bf4b58838de4f45b23c1176044c580c1dcf856c54dbc6355538823ec72661dc0 Loading...

	www.dwin1.com/23738.js	32 kB	2023-03-10	2023-03-11
Pretty URL www.dwin1.com/23738.js IP 143.204.55.32 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:35:36 Last Seen2023-03-11 08:54:19 Times Seen1 Hash 04a63f0a2836817ce6045d6b4bea866b 02cd69d364951fac7dfde436a662c3d1dc92946d b72efa765a7a155488408f9978565f1f667ab817e1cf784fd33c1285f40faee3 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1666277502026&cv=9&fst=1666277502026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4	2.2 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1666277502026&cv=9&fst=1666277502026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 12:01:13 Times Seen1 Hash 10d7d0bce9f6e0a832119c6eafa637fe 85916db4ec4909a46aac7769a2900b1b1e459e90 54045ae47c8019935e920f4b2cb6c8ffade27e5b15602a454ad33f421a0c0295 Loading...

	www.clarity.ms/eus2/s/0.6.43/clarity.js	55 kB	2023-03-08	2023-10-23
Pretty URL www.clarity.ms/eus2/s/0.6.43/clarity.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-10-23 15:37:18 Times Seen9 Hash 441723b72633b1ac9757ad7c63168005 806166ca9ebb5839dd90a5e5c9335e3e0b18c169 cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11 Loading...

	app2.mackeeperaff.com/land/225/	575 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash fd23ab21ac6df3738f562434dff77b27 d073eb3d67ea4ab2e29e39b946a80a5b5f1267dc 60d237e4e8dd361b8cbd222615bd4864d1192b4b3283672468d2a8aa3bd44334 Loading...

	t.adcell.com/js/trad.js	57 kB	2023-03-07	2024-03-05
Pretty URL t.adcell.com/js/trad.js IP 185.5.82.77 ASN #20546 SOPRADO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2024-03-05 08:59:37 Times Seen218 Hash 56e1a43dcd8cf63a49a930cd5313b724 50bcc06085d9e7bab6849d3710ade4254ce0648a 77e3bdfb73066e1c7ce07b8e91e81b63380a761919fa65049925a0238fbbdd1c Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	7.8 kB	2023-03-07	2024-01-14
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-01-14 12:48:17 Times Seen22 Hash 93e8a332e6a6de807c6ef9fdac9689ae 68a0ccb463d6abb247149a50e0a90ff32dd98ad0 b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1 Loading...

	amplify.outbrain.com/cp/obtp.js	8.7 kB	2023-03-08	2023-03-17
Pretty URL amplify.outbrain.com/cp/obtp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 10:00:27 Last Seen2023-03-17 18:53:20 Times Seen1 Hash 0d5508c59e34b5d35cde5aea2aa1c2fd 8cb7a400058b25dee1f4cac88528232707541571 8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413 Loading...

	vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html	2.3 kB	2023-03-10	2023-03-17
Pretty URL vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html IP 143.204.55.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:08:48 Last Seen2023-03-17 18:53:20 Times Seen1 Hash 4b3fcaac295321393f1bee36271d6f8b 551bc59f96dbd382dc9ff712fdcc6bcd602d6ed9 1f6e65b24f7a62941f0198dd3bbef027f7db4263a544a303a9eb307dcdab7878 Loading...

	www.clarity.ms/tag/uet/36002432	1.9 kB	2023-03-10	2023-03-11
Pretty URL www.clarity.ms/tag/uet/36002432 IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-11 10:12:58 Times Seen1 Hash ab6cbf4568bad41dada324139ed55230 313cea7e92ca890543ec7efc318bdb5d52fa7360 502784d0be8ccf1f83f4859b9e218814616724e5bc3414d60656413b677cda12 Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-08	2023-03-10
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:58 Last Seen2023-03-10 12:05:33 Times Seen1 Hash 7ebf0fce2f7b7c5a547d76da320bd16f cf5575cac6328d1538893b09ddcc0e1d9ece0bd2 a355dc6fd53a94ca23cff781b3cf5f19d3851d899687b32bdfb4ecf6adb0ecb3 Loading...

	static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?1706ac1b0b33a225018b	84 kB	2023-03-07	2023-03-10
Pretty URL static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?1706ac1b0b33a225018b IP 54.230.111.78 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-10 14:17:40 Times Seen1 Hash 3c7ecd3bbc051c9d58e97691b50ec183 c4ad7d2079875729feb499a22a8bd5c906d7d48b 29b8ed63ff595be50acbffa2353233a5d073fe072f96d5eb3c42964d62cb0271 Loading...

	static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?5d40e965e8fcb218406d	70 kB	2023-03-07	2023-03-10
Pretty URL static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?5d40e965e8fcb218406d IP 54.230.111.78 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-10 14:17:40 Times Seen1 Hash 978916c1832b2db29b186d1578d5e378 75922846659adb697ffa32b093b63b1b154c6458 86f90bde1cd1622ad347e8a87adb6d05596208c2462b388bf58d98f22a896b44 Loading...

	static-cdn.mackeeper.com/mk-land/dist/225/script.min.js?4e6f2e1118e36c4972af	66 kB	2023-03-10	2023-03-10
Pretty URL static-cdn.mackeeper.com/mk-land/dist/225/script.min.js?4e6f2e1118e36c4972af IP 54.230.111.78 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 13:35:38 Times Seen1 Hash 2fe9559f1db9fa3f5c4fb4bd7115605b 9e671368198ee7d240dc53b5dff921e38604112c 3c052dfd2b5007c4620f33c3e24c12b6131987436ae1b9735e51da0853cc3506 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 13:41:32 Times Seen37063496 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	app2.mackeeperaff.com/land/225/	24 B	2023-03-07	2024-02-20
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2024-02-20 08:47:34 Times Seen152 Hash d85ccf96a3a02100247cf1aa027b846c 06666b39fd8160daba3c4fb8f3e29cad947a4761 4c544325e83d44ed827db799758a19f902de1ed48bb6fd7f3ad477d32e11c9ba Loading...

	static.hotjar.com/c/hotjar-190484.js?sv=7	8.0 kB	2023-03-10	2023-03-10
Pretty URL static.hotjar.com/c/hotjar-190484.js?sv=7 IP 143.204.55.98 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:12 Last Seen2023-03-10 12:01:13 Times Seen1 Hash 5e9438c81ee83d943867f08b60428e80 b67b32cd30e3c9e30e7c938672113ecede73c814 68d39136cedb5592afb5283a2a6861ec5eaca527630a6beb72ffb55017f250a5 Loading...

	connect.facebook.net/en_US/fbevents.js	104 kB	2023-03-08	2023-10-23
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:00:40 Last Seen2023-10-23 15:37:18 Times Seen8 Hash ba4feb901b5e33b95808908a1fc07264 eb7193f6fa6df7849a40a0a6f1e3da9513bae84c f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8 Loading...

	trc.taboola.com/1212352/trc/3/json?tim=1666277501945&data=%7B%22id%22%3A43%2C%22ii%22%3A%22%2Fland%2F225%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666277501941%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666277501944%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A21%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.4 kB	2023-03-10	2023-03-10
Pretty URL trc.taboola.com/1212352/trc/3/json?tim=1666277501945&data=%7B%22id%22%3A43%2C%22ii%22%3A%22%2Fland%2F225%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666277501941%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666277501944%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A21%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 12:01:13 Times Seen1 Hash 1f47cdb8d5e79e230cdafdfa8dc0586f 3e989f1116a43ea065667f564f2d676d1e4c43b9 cff425ea43f86282652dfd3f1e2c39817e7137d063788e601aa10f2b4f48d68d Loading...

	b-code.liadm.com/a-015g.min.js	28 kB	2023-03-08	2023-03-10
Pretty URL b-code.liadm.com/a-015g.min.js IP 143.204.55.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:01:45 Last Seen2023-03-10 14:38:43 Times Seen1 Hash 1764050e7cc82f4183057936322d3971 21b07b79a68218aaff5b10aa25f3216cabe28d98 bcb82592f0da9e0790ae3740afe7082f01327aff300bd8d97929e5bf99ce8cb6 Loading...

	sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js	32 kB	2023-03-10	2023-03-10
Pretty URL sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:00:31 Last Seen2023-03-10 19:36:06 Times Seen1 Hash 6fa0006a6525677a49c8de289a869036 bb9526bdf555e8cba2bf72e6d9f2212a9aeeadeb 300b9392ea7e5d225ebf5546b1056cf92884c3835fbbd39ac6cd96f86d0ad332 Loading...

	www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH	111 kB	2023-03-10	2023-03-10
Pretty URL www.google-analytics.com/gtm/optimize.js?id=OPT-TVNW4WH IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 12:01:56 Times Seen1 Hash 0001c44264ad8f10200dbe4e0f305465 8790be8f51097c0dd14fee1d8906d05bebe8115d 5792e761b1b2237ef76e8d3b7e29d5cb623fbd322c4dbbef10a84f316627d89d Loading...

	bat.bing.com/p/action/36002432.js	3.5 kB	2023-03-10	2023-03-11
Pretty URL bat.bing.com/p/action/36002432.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:26:25 Last Seen2023-03-11 15:57:29 Times Seen1 Hash bd540e427d128ed1c974c4902f3f31ef 7b803902ee814ee088f484a3b1b4356b6103f424 dbb501d39cab9813cf5fe315f765a139bbb8d4b0b9b8e90fc8692b549963adb3 Loading...

	app2.mackeeperaff.com/land/225/	405 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 1ce5d5ef780ccbfa3e1195870286b1a7 a5b385180eb58f9f0eea26b4873e5b66d104808c 31f3b31edf9edb5ab7c1bd1aeba3de2ea45a691238492d3b643f6df69deab1a3 Loading...

	widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/main.js	56 kB	2023-03-08	2023-04-11
Pretty URL widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/main.js IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:31 Last Seen2023-04-11 21:40:08 Times Seen5 Hash a34f2033a4ef3bcdb0b73b919aec8ec4 d2a7449f196fd7a142d2c8081e9a1d6c25cdf252 b9727fdc5a2d5c7b4ccaa115195fabffb4ba1430d710418a6cf1c0026e30dcd6 Loading...

	app2.mackeeperaff.com/land/225/	337 B	2023-03-07	2023-09-22
Pretty URL app2.mackeeperaff.com/land/225/ IP 3.225.159.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:05 Last Seen2023-09-22 19:05:10 Times Seen66 Hash 79be018914a0e212bc1848239a431074 89038500bbb634bacb30a496456ade639eaa285f 7208041e315929ae918044e6380608c3e19ff9909ce043cc732981fd9d23ce01 Loading...

	www.googletagmanager.com/gtag/js?id=G-GYTXD89N1W&l=dataLayer&cx=c	202 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-GYTXD89N1W&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:13 Last Seen2023-03-10 12:01:13 Times Seen1 Hash f810a63e5c6892f1ccc062c9a772525f 7cfe62dff6bdc5ad3c89d004439aead1b86043ff 340bc8282630dca9e600b5406397a9b0bfeabfb1e840a80308f3938a8482628e Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1666277502024&cv=9&fst=1666277502024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4	2.2 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1666277502024&cv=9&fst=1666277502024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:01:14 Last Seen2023-03-10 12:01:14 Times Seen1 Hash c6a102a4835d3be926e4f2f3662877fd 32df0691bc1d4018e60a6b50c3967f7de06f101e a282abcad661be175bc8d750021cca0c5e85d9da3d7b4337c1122ddff479c08c Loading...

	tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949 IP 70.42.32.95 ASN #22075 AS-OUTBRAIN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2a2dec42def0227864d275835a7d6a93	69 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:01 Times Seen5 Hash 2a2dec42def0227864d275835a7d6a93 b3c5fe7f6312d7910f7ab4142f5320295e2fe108 63b1c0ecb5b684e67c9fc03d7d624aafa39a6fabd1ffe7108f77e2e9ab11b623 Loading...

	#2 Eval - b7601e27c54b8a3553d90d7bf7614ec3	329 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:01 Times Seen5 Hash b7601e27c54b8a3553d90d7bf7614ec3 327ae03fcbf0dde093dab43626487869b13c653c 660661e9c7f0f890974bbbb23472af1bc93f90cba6c90f0ebb9dbcf9cf8355d4 Loading...

	#3 Eval - 8980cecada6b3ec1501cf8598c7e672f	70 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-17 12:37:55 Times Seen1 Hash 8980cecada6b3ec1501cf8598c7e672f 0307493440d1688b3661bce8cef9429092d50ef8 27e412e5d5ac610590ad792b5fa21dbc233f79c391dcdf0d02e0801eda3c9ceb Loading...

	#4 Eval - 3b1db26a848737a9f8de298f741fc29b	70 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-17 12:37:55 Times Seen1 Hash 3b1db26a848737a9f8de298f741fc29b 7df5349b49626e5db623273c52701bbade15a2e2 417e6fdd6687faa89a10b60a8d97de31b9285a6aa23d79f2ed007536cd83f31d Loading...

	#5 Eval - b86a7056325281a61ac60b833413f060	333 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-17 12:37:55 Times Seen1 Hash b86a7056325281a61ac60b833413f060 347e59951c92aa77e4b26424c522b7adb1b2f444 2e916e96c5178535ec8422b931f86b24c207c5242e3b9746195797ad20c0c84b Loading...

	#6 Eval - bd281b78b70f90b05e1dd781a159948f	89 B	2023-03-07	2023-08-03
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-08-03 05:44:53 Times Seen46 Hash bd281b78b70f90b05e1dd781a159948f b3b7b0aff6a60952836d55e2e807841d0323b3ee d5df103b3d6158b5ad05c19ce6f61d6a38c1b9c47f0ce213ac39dccf8a215f2f Loading...

	#7 Eval - eddc10ac266c1fe4d363b98cda663e5e	69 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:02 Times Seen5 Hash eddc10ac266c1fe4d363b98cda663e5e c31146f3f1c4009489f59bf05afbeb86ec0e68b9 8da159a87b17690597f668f259e641f30925835c139dc682dbf026f304d898fe Loading...

	#8 Eval - 5cd2f479e9b6261287c693bfeb4a1e85	70 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-03-17 12:37:55 Times Seen1 Hash 5cd2f479e9b6261287c693bfeb4a1e85 eef540a58416d8f29233277a7ba38a659e67e077 5024d23c0216096e391b07dd33d46152f9de7341d425070cb14410a5e5098174 Loading...

	#9 Eval - 90ab2af2654c8ea9d0510e8bd1ad8d1f	76 B	2023-03-07	2023-08-03
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-08-03 05:44:53 Times Seen46 Hash 90ab2af2654c8ea9d0510e8bd1ad8d1f bd4801ff095e10f0b2f112d7a266d2ba12bf84f3 4ddd51fa56504fe5c4eaf5321c3bfe9c2f58d248208100f0b73fd2479c8be6b0 Loading...

	#10 Eval - 4575cafde558183741fc0c072a59ad7f	69 B	2023-03-07	2023-06-27
Pretty Observations First Seen2023-03-07 01:35:05 Last Seen2023-06-27 00:09:01 Times Seen5 Hash 4575cafde558183741fc0c072a59ad7f ea2c7dc1a2abb19e24723f51efb5adc5a9895b2e a12eb7029f1bb54eb1b2d9bad442cb478d95f413e74f7206f5f06f3782debb35 Loading...

HTTP Transactions (135)

URL IP Response Size

app2.mackeeperaff.com/land/225/

3.225.159.165

301 Moved Permanently

134 B

URL HTTP/1.1
app2.mackeeperaff.com/land/225/
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /land/225/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 20 Oct 2022 14:51:27 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://app2.mackeeperaff.com:443/land/225/

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 13:51:50 GMT
Expires: Thu, 20 Oct 2022 14:44:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Jg36uBkqTc_ORhLZzAY3qe9_5qZQwr0pCos_YaarhifZaoJgrluYZA==
Age: 3577

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6481bf5f33b42cdd966d49d8b70107
03ed01a9dc82a7efaf3706691249d811f64719a4
1e42a2cd7e7ef655d17dea6423dff85d3f57111d9bd08d2f829535aa462eb11c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E42A2CD7E7EF655D17DEA6423DFF85D3F57111D9BD08D2F829535AA462EB11C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8767
Expires: Thu, 20 Oct 2022 17:17:34 GMT
Date: Thu, 20 Oct 2022 14:51:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e41c85816a32bf30e54a8993fcd0406f
35013fb83966783145f1439eb7e949beefae4cf8
22dfbec34834914ffd13a3bee717dbf695450c05a44949bb691e39d254e39665

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DFBEC34834914FFD13A3BEE717DBF695450C05A44949BB691E39D254E39665"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5630
Expires: Thu, 20 Oct 2022 16:25:18 GMT
Date: Thu, 20 Oct 2022 14:51:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mNwOMac4j0L8fEEbtl7BKY0pHBItsqnE5BJHJhnVvMSneY7j5aSjzb9JRq/0sJexVaXuqlV9q+8=
x-amz-request-id: 3A8HFZQCBG2Z0ASB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 14:36:47 GMT
age: 881
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 14:51:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 20 Oct 2022 14:43:40 GMT
Expires: Thu, 20 Oct 2022 15:29:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UMHRC67cUeM5DLHgpLyppKKC9i7T9YZOfj7WSf0BQNK2v_blZJGQ9Q==
Age: 468

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d123150e866d5b1bf64df518566bf7eb
8c1e9b8820b5d5da3f3e9181d368eb965bfc8e05
ed782d7c6fdbabe9411973f31e1d1abe59793113a301bbaf758ff9324ae0ae5b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99897
Date: Thu, 20 Oct 2022 14:51:28 GMT
Etag: "635043a9-1d7"
Expires: Fri, 21 Oct 2022 18:36:25 GMT
Last-Modified: Wed, 19 Oct 2022 18:36:25 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yvlPHNoMZhXrY_ejff2yzWswx_PpgSGmbMGI30LYxyLSjhCPmNbb7g==

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6577
Cache-Control: max-age=155095
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:28 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 09:56:23 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.146.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3NSgal8xCBUKqgK1vChJJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t4FK9cR9cbfn7jKKNn5L0t/tkqE=

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/clean_two.svg

54.230.111.78

200 OK

431 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/clean_two.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (431), with no line terminators
Size
431 B (431 bytes)
Hash
f0f6b52bce4737187d5986d65c2b9a11
420adf24b61c4b96d5dc1b30eb4cbd44106ec3c2
b02a16d65bb919592b8b0903e78661c9c6a6b6d39218ce2ca664c5b2fbccad76

HTTP Headers

GET /mk-land/dist/svg/landings/225/clean_two.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 431
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:02 GMT
etag: "f0f6b52bce4737187d5986d65c2b9a11"
cache-control: public, max-age=604800
x-amz-version-id: LRgYiVhEK3fItgvPk6mKGbDsgX8pnLBe
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lSGA_4P0oCIG-fqQ6AyZ78vaXhu-2gDykaIee6VGbp9ERV8hy7cH-g==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_two.svg

54.230.111.78

200 OK

416 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_two.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (416), with no line terminators
Size
416 B (416 bytes)
Hash
9cab428314b3d6d14b27b1c135719c23
e02c5b85b10d649435b5930e710056f30ea2cc50
3a275c72443bceadd78236a8c465a5b9285433efd40cd339836380ae06c25279

HTTP Headers

GET /mk-land/dist/svg/landings/225/soft_two.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 416
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:06 GMT
etag: "9cab428314b3d6d14b27b1c135719c23"
cache-control: public, max-age=604800
x-amz-version-id: AzD9wwbrIkCKyEsG_bLx1P0QngZ10lMa
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OVKyFz37hBvndvusXCI0a_P7-ewFjexxr1Dxvq_U4Ye6jxJdXiJkAw==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/clean_three.svg

54.230.111.78

200 OK

583 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/clean_three.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (583), with no line terminators
Size
583 B (583 bytes)
Hash
64036bea66db20718ae3285e9ca951cd
bd5eed2f6cdfd70698fa356785acb13c21768d41
462a1d5d1feb27660a51f000e54ac924bcca7b6d94337593dd0e741560d7da7f

HTTP Headers

GET /mk-land/dist/svg/landings/225/clean_three.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 583
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:01 GMT
etag: "64036bea66db20718ae3285e9ca951cd"
cache-control: public, max-age=604800
x-amz-version-id: aO4a9w_YfpO.ZI6ANxHSeJI1.NSl2EjU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S2pRz4qmcZjIrMaTHXqab8tO8DitBLinQXMdqGRVMpUb2r2XO6xurw==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/per_one.svg

54.230.111.78

200 OK

539 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/per_one.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (539), with no line terminators
Size
539 B (539 bytes)
Hash
97ea212e1de4543eabca9fd8ddd404de
007dadc86f73968b1c388e45d8700ecf89d6a50b
0e99a715e4465cdb227652a88f9d4a7a18bb59a56278b447b1ded534bfea4c5c

HTTP Headers

GET /mk-land/dist/svg/landings/225/per_one.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 539
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:03 GMT
etag: "97ea212e1de4543eabca9fd8ddd404de"
cache-control: public, max-age=604800
x-amz-version-id: GWAKBWCSqT_7gPWOz2RGnf88tL37V5HF
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vqohm26VH2nrWN2DPGpzg24gcudHk8sz5xi4una-TRnDnH0UjZE13A==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/per_two.svg

54.230.111.78

200 OK

573 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/per_two.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (573), with no line terminators
Size
573 B (573 bytes)
Hash
f7c01b4f32eceacb4bf0a84f301505c6
e69ac48a9b8f6ce19faf14bd1014c3943b967c04
f26625626a6dd5205a1a10f6c914bdbf6441dd7075b5cff2fdc9d09ecb9f5a67

HTTP Headers

GET /mk-land/dist/svg/landings/225/per_two.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 573
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:03 GMT
etag: "f7c01b4f32eceacb4bf0a84f301505c6"
cache-control: public, max-age=604800
x-amz-version-id: Hd7XMs0T4oJtO_vQvm6W.PePMJuuAU9e
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d8FVuIqqmzq7OH4RjbTkBPeKUgk89otKO43cxNvBGrFViKE9zNQW6w==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/per_three.svg

54.230.111.78

200 OK

720 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/per_three.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (720), with no line terminators
Size
720 B (720 bytes)
Hash
6827d895741abaebbe73a96f65d28344
7b9070dbb0c59f249194f6b182b09507883a627c
e6e9d084a55b47d2b0b35022c13168a915b215f34bc43c62fe7c35f7d78896d4

HTTP Headers

GET /mk-land/dist/svg/landings/225/per_three.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 720
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:01 GMT
etag: "6827d895741abaebbe73a96f65d28344"
cache-control: public, max-age=604800
x-amz-version-id: JgEm4VjBwayEO1JgrCFhxLPUqy7wD_Nx
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vf1pyNNv53QznITvEq17PO2WUvm-IpaGRht3fyxeAbrFjMNeB-b-Xw==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/ant_one.svg

54.230.111.78

200 OK

432 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/ant_one.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (432), with no line terminators
Size
432 B (432 bytes)
Hash
48ee3a2cc5a7ac742bd440d7c5497fa3
052e084834e87565be5632d608316d919ef4a6be
eb72a677d24f6679bbdd7ee7c9809a575c294d7e1c458b85d2ad0d3d3f7dc9d5

HTTP Headers

GET /mk-land/dist/svg/landings/225/ant_one.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 432
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:02 GMT
etag: "48ee3a2cc5a7ac742bd440d7c5497fa3"
cache-control: public, max-age=604800
x-amz-version-id: 6iupm1tUoslfH5kSfuK18ox_5nA1IMD1
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eDFafDyJMGMCYrvfr_DUm91O97VC_bIA7AnnjmeZ35iHRTugujdZew==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/security-two.svg

54.230.111.78

200 OK

442 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/security-two.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (442), with no line terminators
Size
442 B (442 bytes)
Hash
1dc4abe3aa5d009df49fbf517f481ccc
c59310139609463fcda8759b2acb5d273cb47b2c
355f6e09902fa7825ed2dcab34dc5b00f874c346397cf1135dd7d04c97e17457

HTTP Headers

GET /mk-land/dist/svg/landings/225/security-two.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 442
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:05 GMT
etag: "1dc4abe3aa5d009df49fbf517f481ccc"
cache-control: public, max-age=604800
x-amz-version-id: P7COEuM1ReN_35TeAX6nirZtWmDpnezY
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LqBkd1OYusESuErHB8d9M9vsE_1x9SBf0R_x4vr9mkRejHQXCsUgCQ==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_four.svg

54.230.111.78

200 OK

399 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_four.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (399), with no line terminators
Size
399 B (399 bytes)
Hash
bc4849c8d35e6a210935e7b9fdda0196
ffcc50042a4d7862847115f659b0f099c1b469bb
1c216829b95c0b70220cb919b5889fce57c99a687d7be02f06ded33f80527283

HTTP Headers

GET /mk-land/dist/svg/landings/225/soft_four.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 399
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:04 GMT
etag: "bc4849c8d35e6a210935e7b9fdda0196"
cache-control: public, max-age=604800
x-amz-version-id: 4zPAwPwwjZUa3v8MqKY9C58_Duocufi7
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1IsJcA_5XEOCWcPHmNdtsdfSwHXYdWpx0Yq5cbxmHrmInpImi5LsRw==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/components/btn-arrow.svg

54.230.111.78

200 OK

412 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/components/btn-arrow.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (412), with no line terminators
Size
412 B (412 bytes)
Hash
2bb20d31732674b19f39721677ee98b0
c009a4436fe0fd3e281dcd9f60ab0f2769f25cb5
b5553f16ea66eab43971c73b4115bbe291b2188dc00d0c5d4f5bb21958e3dda2

HTTP Headers

GET /mk-land/dist/svg/components/btn-arrow.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 412
date: Wed, 19 Oct 2022 08:49:38 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 18 Feb 2021 12:38:48 GMT
etag: "2bb20d31732674b19f39721677ee98b0"
cache-control: public, max-age=604800
x-amz-version-id: nukWLapdOnZ6K4hroAQrBv4GKBUk7Zxa
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MpcFoEcZ8pWr6102upoAPeVhF8YRGA9bqJeh0i7fhTTJ7Ypktfxl9A==
age: 108112
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/prive_three.svg

54.230.111.78

200 OK

717 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/prive_three.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (717), with no line terminators
Size
717 B (717 bytes)
Hash
a5c782d385dc0cbbd4afa608cdd1d8f3
68087ac49e47e19dba31ef068f54a6c574a8bfc2
6a6809edb7464cf5d45ff57e705bbefcfb37048721518235e12a5fc5b4b801c4

HTTP Headers

GET /mk-land/dist/svg/landings/225/prive_three.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 717
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:07 GMT
etag: "a5c782d385dc0cbbd4afa608cdd1d8f3"
cache-control: public, max-age=604800
x-amz-version-id: bZmAWXuf1_16mNzH9W77urKoZ22SJAkL
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XZ-JvWpgdMH4syqPY3i_c6LhFgDCvWDgO2nOSpffI8ZJ0Xg8Wap3Mg==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/privacy-two.svg

54.230.111.78

200 OK

987 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/privacy-two.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (987), with no line terminators
Size
987 B (987 bytes)
Hash
102a03f6293726facccabba18c0e9455
a26d09667f914080c04fd009f03f8d95850bb895
1d974ed4e61fc2a77bcd71ffda37e83e83cf0681d1633d5f42c00c3df2226def

HTTP Headers

GET /mk-land/dist/svg/landings/225/privacy-two.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 987
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:06 GMT
etag: "102a03f6293726facccabba18c0e9455"
cache-control: public, max-age=604800
x-amz-version-id: huCh93vXiRgrU7OH1cjV32VI19B1GuJD
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TYI3LepiKnMbxB-_ItvZ_RhChGElAOTEi42_PvfU_K3LNlcsoyh_6g==
age: 106278
X-Firefox-Spdy: h2

widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

143.204.55.80

200 OK

6.1 kB

URL HTTP/2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size
6.1 kB (6124 bytes)
Hash
5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0

HTTP Headers

GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 01:34:28 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TcUdQw3pGbgOxRcui_sszviKKKDcECOrN2mL-mGPjxASiQ7KUnxYhw==
age: 47822
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/clean_one.svg

54.230.111.78

200 OK

486 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/clean_one.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (486), with no line terminators
Size
486 B (486 bytes)
Hash
4ef86b2fbcdb943033b3c85e020122da
162e093a49c83d2d01bc48c1c9d398ac57d8b92b
4418d84f10560dd73aef8ddb24712a06de3530a83ec5a2674788a8e3758056da

HTTP Headers

GET /mk-land/dist/svg/landings/225/clean_one.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 486
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:01 GMT
etag: "4ef86b2fbcdb943033b3c85e020122da"
cache-control: public, max-age=604800
x-amz-version-id: YH32xEF_5ib9lzid_dJ7i9GT9Dd5L9LT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Or6RG1frj33UMF8xOFPg_b10Tyc1kLWj4lOfyxk-W85SGrqg0vvhDQ==
age: 106278
X-Firefox-Spdy: h2

browser.sentry-cdn.com/5.5.0/bundle.min.js

151.101.66.217

200 OK

52 kB

URL HTTP/2
browser.sentry-cdn.com/5.5.0/bundle.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (51441)
Size
52 kB (51570 bytes)
Hash
b1dcc6195d84cf50c3e882d3d515f848
06562c193663a31a3cabeaa18cffeb882084fcb6
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb

HTTP Headers

GET /5.5.0/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 11 Nov 2022 05:27:37 GMT
last-modified: Fri, 05 Jul 2019 11:17:04 GMT
etag: W/"39339cf627bc67e34d4c623bea4c0b4a"
content-type: application/javascript; charset=utf-8
x-guploader-response-body-transformations: gunzipped
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 20 Oct 2022 14:51:29 GMT
age: 29669034
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 51570
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
05025e12c744a753bae14903a181bc6f
309a7f4e7837c166679406f9504d85430f06a4ba
bd1969739779b443a44c3cc6ec601115d14a19374c9a3f1becc197fa70daaa16

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static-cdn.mackeeper.com/mk-land/dist/images/landings/225/header.webp

54.230.111.78

200 OK

131 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/225/header.webp
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
131 kB (131024 bytes)
Hash
4b4b385f28364f3bd51926ab2bb81541
30c3c0235d1aa35559cc00974583b1d30a7514b1
02144673ab0dd469277694f55ae214157fc0d2738e2fb0eee1621c4f418e6bd7

HTTP Headers

GET /mk-land/dist/images/landings/225/header.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/225/style.webp.min.css?3a6665f1aefdfa6e7708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 131024
date: Wed, 19 Oct 2022 09:22:44 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:25 GMT
etag: "4b4b385f28364f3bd51926ab2bb81541"
cache-control: public, max-age=604800
x-amz-version-id: VJAy19mh_ft.NcFkncwio32zsEqiPrFC
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xZwNwL04FZapsmiYaivezSk8_p2XQi7zF4oITurJhdUk9WsPaGHvVw==
age: 106127
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/225/header-bg.webp

54.230.111.78

200 OK

74 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/225/header-bg.webp
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x640, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
74 kB (74138 bytes)
Hash
137aa51469fe2a02e21b1aaae3c6ccaa
87cea366b27a70348a19e753a01496d1d0a75385
3258b3abaef6428600b278f8b4d729b43cebec7b08fe903886c65b6de75736e6

HTTP Headers

GET /mk-land/dist/images/landings/225/header-bg.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/225/style.webp.min.css?3a6665f1aefdfa6e7708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 74138
date: Wed, 19 Oct 2022 09:22:44 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:28 GMT
etag: "137aa51469fe2a02e21b1aaae3c6ccaa"
cache-control: public, max-age=604800
x-amz-version-id: 4vvl8O.5lMjAsDg4AwGt3hY9oo1LATBH
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4l4hZQT8h5WI-CyBqeDb1oNrZoA5Gt8z4-bE4o9aKWT36z_HwgaAuw==
age: 106127
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/225/memory.webp

54.230.111.78

200 OK

1.4 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/225/memory.webp
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.4 kB (1420 bytes)
Hash
e24e191c026b00c1d7a106572ec478ed
b2929eaa3663327447ebc0a36f971fd5f41ed3bb
dfcbf5db55a5b400ad7e7c0cbf38c1dcb6e48199f4acd751a2eb44d579b078fa

HTTP Headers

GET /mk-land/dist/images/landings/225/memory.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/225/style.webp.min.css?3a6665f1aefdfa6e7708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1420
date: Wed, 19 Oct 2022 09:22:44 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:26 GMT
etag: "e24e191c026b00c1d7a106572ec478ed"
cache-control: public, max-age=604800
x-amz-version-id: bUSSObvLnb7DQVXnLsaj5d1FlWuhJ.L2
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EJt0pjSGgV7kXcV7Kf8fH7K8x4-Jj62d8AqWoInHiJ2Dlr3QdeBVmw==
age: 106127
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

142.250.74.10

200 OK

2.4 kB

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.4 kB (2447 bytes)
Hash
f5a430087b6e5f4d0bc89d1b6a9fa8db
62178849a85a32ee704e939d65cd98e84bf2000b
5df4d106573862ab100182564ae745c5adab09374e417355cc8d5dc39dc9da0f

HTTP Headers

GET /css?family=Source+Sans+Pro:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 20 Oct 2022 14:51:29 GMT
date: Thu, 20 Oct 2022 14:51:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400

142.250.74.10

200 OK

2.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.2 kB (2229 bytes)
Hash
d1fa81936e4295e0db344a327a95486c
fbce6d51b6f527d9d17c9a51f36e6e024cddb576
8dad41ebfa71189889e78a7cac2ffd26d1ff3f52d50d1fac886b7837f5e7bb0b

HTTP Headers

GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 20 Oct 2022 14:51:29 GMT
date: Thu, 20 Oct 2022 14:51:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/landings/225/mac.webp

54.230.111.78

200 OK

30 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/landings/225/mac.webp
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
30 kB (29518 bytes)
Hash
588156972ffbc510a38822a08c5474cb
062aa69b5766e6d4d38bdf37905c1b73c9241c02
b56fba8b6585f965e16f16ae850b9b3a6e4870455874916597f19c48310959b2

HTTP Headers

GET /mk-land/dist/images/landings/225/mac.webp HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/mk-land/dist/225/style.webp.min.css?3a6665f1aefdfa6e7708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 29518
date: Wed, 19 Oct 2022 09:22:46 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:27 GMT
etag: "588156972ffbc510a38822a08c5474cb"
cache-control: public, max-age=604800
x-amz-version-id: QifUAQLavVRq8JpREIHRD9Oj9m5x59jE
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UIkX1CYO2mqt3p9XXuXcVJFI78T-hQqXSvrndXMMOHU64_YbIxkiZA==
age: 106125
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL

142.250.74.168

200 OK

95 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PVNC4DL
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (40316)
Size
95 kB (94556 bytes)
Hash
35e3f7716ef78a9d39de0d9e2189940e
19dc3fb24565fb52b259548757ac16ec0ffa7fac
cbbf9568dc9b7328a436d1e05f2a2f80fff3134d1be2b098f845cb52e38bfb11

HTTP Headers

GET /gtm.js?id=GTM-PVNC4DL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 14:51:30 GMT
expires: Thu, 20 Oct 2022 14:51:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 20 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Bold.otf

54.230.111.78

200 OK

58 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Bold.otf
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
OpenType font data\012- data
Size
58 kB (58132 bytes)
Hash
e2b038d7581e81ac8bc103d49058c145
8ba4b06bf43a6613da528e483baa14cd2ca34383
84277c1ce64d7090ee95f91c03808ac47c2b99a2019d4cbeefe7b71e42bef10f

HTTP Headers

GET /mk-land/dist/fonts/MarkOT-Bold.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/ttf
date: Wed, 19 Oct 2022 08:54:33 GMT
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:12 GMT
etag: W/"336e38c18c3ac1666fa496c919b08eca"
cache-control: public, max-age=604800
x-amz-version-id: _SyAJ1U0XNp0EgWFZoSm7jR1ZmFIsGhh
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TRX3Lwqq74XWkvzdx1yWAAfK0ighiqh65drcgsk77FqBSTZ6f3bxeA==
age: 107818
X-Firefox-Spdy: h2

widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=4dbb14ee00006400050fa293

143.204.55.80

200 OK

3.7 kB

URL HTTP/2
widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=4dbb14ee00006400050fa293
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (15336)
Size
3.7 kB (3697 bytes)
Hash
83355578cdf883e1c6aef6f07b55893f
9d029e5c705fcdf74bb145b41dcf6179adff85e2
a4a8345f2801ecb4907f357a51b22176f217c7f445fbb3bccfe645c536d39842

HTTP Headers

GET /trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=4dbb14ee00006400050fa293 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 3697
last-modified: Tue, 04 Oct 2022 10:34:05 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 09:40:14 GMT
cache-control: max-age=86400
etag: "83355578cdf883e1c6aef6f07b55893f"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GZ4hNVBhm7ohQ7Swe2UMhMqRTx34dpe22hQpodypcPa1sGeX_1ZpkA==
age: 22393
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
05025e12c744a753bae14903a181bc6f
309a7f4e7837c166679406f9504d85430f06a4ba
bd1969739779b443a44c3cc6ec601115d14a19374c9a3f1becc197fa70daaa16

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5312
Expires: Thu, 20 Oct 2022 16:20:02 GMT
Date: Thu, 20 Oct 2022 14:51:30 GMT
Connection: keep-alive

widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/main.js

143.204.55.80

200 OK

17 kB

URL HTTP/2
widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/main.js
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (55461)
Size
17 kB (17075 bytes)
Hash
8efe0f2f2944e9baaa88fd0174e1b459
390574f839b7fb636c79834a1a53a0ebc1e2c87b
30b71113e1dbb5d3de637195adf9e5708923a611cb99f5670e7fd1c04c123d32

HTTP Headers

GET /trustboxes/5419b637fa0340045cd0c936/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17075
last-modified: Tue, 04 Oct 2022 10:33:51 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 05:31:19 GMT
cache-control: max-age=86400
etag: "8efe0f2f2944e9baaa88fd0174e1b459"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F_Xtt9Xmg1X8ld9Z9sTrVWthPqzJXBQaqXom1l3GjY-Zy8keymWAsQ==
age: 33612
X-Firefox-Spdy: h2

widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js

143.204.55.80

200 OK

30 kB

URL HTTP/2
widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (64281), with no line terminators
Size
30 kB (29606 bytes)
Hash
bc5c8622de6c884abb3d021c6468b0dc
dcbd21e6c0dc4311f9446a79a36de21f39e7bf1d
08645a2fa7db0564521436d10d659a1a4b2f43ca2db3e9b923d119c38e4ee208

HTTP Headers

GET /trustboxes/539ad60defb9600b94d7df2c/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 29606
last-modified: Tue, 04 Oct 2022 10:34:08 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 19:35:56 GMT
cache-control: max-age=86400
etag: "bc5c8622de6c884abb3d021c6468b0dc"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cLr2F-UeUcxrZPBE8ZA0C3CLj_eEHAiTUggHm8au6-tuWojnQdFCXg==
age: 69335
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5312
Expires: Thu, 20 Oct 2022 16:20:02 GMT
Date: Thu, 20 Oct 2022 14:51:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5312
Expires: Thu, 20 Oct 2022 16:20:02 GMT
Date: Thu, 20 Oct 2022 14:51:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5312
Expires: Thu, 20 Oct 2022 16:20:02 GMT
Date: Thu, 20 Oct 2022 14:51:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1a95f4f-d066-4cb4-bb6a-392f3ed5c229.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1a95f4f-d066-4cb4-bb6a-392f3ed5c229.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13101 bytes)
Hash
e76755a16cf0bdb76d5e832c7b14af85
e008a1663c29616e83dccba105d7f6e2dbbb37dc
ab1d3690731963f85ede6cf6bedfb8b62ae1f93fafecc2cf343ea07bd4f2afce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1a95f4f-d066-4cb4-bb6a-392f3ed5c229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13101
x-amzn-requestid: e10df8ba-d8f2-44c8-ad0f-bbda32020e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRYBYF6noAMFthg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d3b-56538b97541830784f01f61f;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9R7vli3BwVLfleTf2jeZc5YNDMDxM024T7nyXcIpE2-o8Ddff57Jmg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:44:56 GMT
age: 61594
etag: "e008a1663c29616e83dccba105d7f6e2dbbb37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9607 bytes)
Hash
81216ad70664e969888ae7b13871fda0
6b15c7d7abb9ff1cc040853401ad5a39f81c19a4
7294e93d890b4c8eeb8383a67aac0be8b88cac5e0882865c9f38ade713157799

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9607
x-amzn-requestid: 590b20a6-039c-4c25-a61a-5f579c5b31f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZj6HZ7oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506fb2-04b740c442ae735347b4e2c3;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bL5fVog2SuW8ZNt9a0ECc8jwcAELUBVo63LXPovdnIRxCRnsMWVvvQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:46:27 GMT
age: 61503
etag: "6b15c7d7abb9ff1cc040853401ad5a39f81c19a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10554 bytes)
Hash
8ee7bd4412c0b0eb678b9d53b07bdd9a
a8ba1a075a9c5501d043b9b14c45ed6bcd684e68
2499b2c4414108ed742986b90ca2a1b60c3fd65a82a78322031263650e935c7e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 343fc462-3654-48cb-bb4f-0d0d54c07b58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9REoMoAMF21g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d21-152a7b145b9fcb0e0a97db57;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4b3RT-THlt6W7NHL9Tu35gWrOeJ1aNALztrgXSkSwdT-14ccmz7gtg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:49:35 GMT
age: 61315
etag: "a8ba1a075a9c5501d043b9b14c45ed6bcd684e68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10453 bytes)
Hash
2226e30d927e7b68afb0f0025a9e6533
88ef1b5e5c76c76281f94d5bb21d47876431a26f
dc48559888c87b6b7c13109a5f44333f9f4b2330939eb3c4c2d3203a47984af7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10453
x-amzn-requestid: f9476efc-26f7-4b71-acb9-d6a07e5857c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9XEProAMFS_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d22-5f3f86da2e32b84c3911a69a;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J3tOE-6TDdWgQvo4mUNrN0JJINKLZqy5lS__rR6tRyHr6uCJRyWp6g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:44:48 GMT
age: 61602
etag: "88ef1b5e5c76c76281f94d5bb21d47876431a26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9623 bytes)
Hash
440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 13:19:23 GMT
age: 5527
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

widget.trustpilot.com/trustbox-data/5419b637fa0340045cd0c936?businessUnitId=4dbb14ee00006400050fa293&locale=en-US

143.204.55.80

200 OK

431 B

URL HTTP/2
widget.trustpilot.com/trustbox-data/5419b637fa0340045cd0c936?businessUnitId=4dbb14ee00006400050fa293&locale=en-US
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (930), with no line terminators
Size
431 B (431 bytes)
Hash
8c95714cd6c0f312cd185d9e5becfdad
5d3d61d68613b3703d861201ceb44dc84bc30a96
3f58a2e4b5101aabf282e800adcbd92f085d29309d2f43f8bcc359545ec6f5d0

HTTP Headers

GET /trustbox-data/5419b637fa0340045cd0c936?businessUnitId=4dbb14ee00006400050fa293&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 431
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Thu, 20 Oct 2022 14:50:21 GMT
cache-control: public,max-age=1800
etag: "973f21bc574ceb69fd1799aa3712db8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d4_MOrlxzl7yvqDDg1yYVSK-6aoNpJuIhyl5wBmdoEs6zMOXevdEnA==
age: 953
X-Firefox-Spdy: h2

widget.trustpilot.com/trustbox-data/539ad60defb9600b94d7df2c?businessUnitId=4dbb14ee00006400050fa293&locale=en-US&reviewTagValue=SelectedReview&reviewsPerPage=20

143.204.55.80

200 OK

3.0 kB

URL HTTP/2
widget.trustpilot.com/trustbox-data/539ad60defb9600b94d7df2c?businessUnitId=4dbb14ee00006400050fa293&locale=en-US&reviewTagValue=SelectedReview&reviewsPerPage=20
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (7745), with no line terminators
Size
3.0 kB (3046 bytes)
Hash
6fb7579159361e5416ea9981c2afe634
2b891963a3a270f2d107989f0bd0e55516dbd611
4618ec9cc6da2bc1d7818f5461732637e9c22af20eae8bcc91219d01b1d3e6f0

HTTP Headers

GET /trustbox-data/539ad60defb9600b94d7df2c?businessUnitId=4dbb14ee00006400050fa293&locale=en-US&reviewTagValue=SelectedReview&reviewsPerPage=20 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 3046
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Thu, 20 Oct 2022 14:51:30 GMT
cache-control: public,max-age=1800
etag: "4f654425816a0619004ee1409a8c6bbb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aifE1LIM8tCUlA0y2XDpxM6pGPLWEwgOuOtHRNU4-V-naT4_CWBM5w==
age: 51
X-Firefox-Spdy: h2

widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=5419b637fa0340045cd0c936

143.204.55.80

204 No Content

0 B

URL HTTP/2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=5419b637fa0340045cd0c936
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=5419b637fa0340045cd0c936 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 20 Oct 2022 14:51:30 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: odajUYInAiFoqCg2CBcAhYVKE8AJ1_ViAIjs-yU_oUMOJlLfO-gphA==
X-Firefox-Spdy: h2

widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=500px&styleWidth=100%25&theme=light&tags=SelectedReview&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=539ad60defb9600b94d7df2c

143.204.55.80

204 No Content

0 B

URL HTTP/2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=500px&styleWidth=100%25&theme=light&tags=SelectedReview&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=539ad60defb9600b94d7df2c
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats/TrustboxImpression?locale=en-US&styleHeight=500px&styleWidth=100%25&theme=light&tags=SelectedReview&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=539ad60defb9600b94d7df2c HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 20 Oct 2022 14:51:29 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: THCwSsDOalZRHWCVrhjtqcCJbT67GugnVCEdFy85JIfJWSlaVn6boA==
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
2dc4567f34b86b6f44ea2a53bec65b34
505c8af38b381d7b79d8457a5cc2142892d7ded3
e5721aa2ac5c8331ed8194ee81c06264201488b3c56ea1e8fb7a82ee9cae5a0d

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=658
Date: Thu, 20 Oct 2022 14:51:30 GMT
Connection: keep-alive
X-N: S

widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=5419b637fa0340045cd0c936

143.204.55.80

204 No Content

0 B

URL HTTP/2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=5419b637fa0340045cd0c936
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4dbb14ee00006400050fa293&widgetId=5419b637fa0340045cd0c936 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=4dbb14ee00006400050fa293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 20 Oct 2022 14:51:30 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bypIZT--u6Vm_sMITo5jNtZI5LcvFsBUXrfxFNwDdyZJJEMFbCymJQ==
X-Firefox-Spdy: h2

tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTgzMTk3NDk4Mi4xNjY2Mjc3NTAxIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTYuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8yMjUvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI3ZGMwMzVjZDBjY2I3YjRjIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5iYzVmODdkYWNkMDFhOTkyLjE2NjYyNzc1MDEzMjgiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==

143.204.55.34

200 OK

43 B

URL HTTP/2
tr-rc.lfeeder.com/?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTgzMTk3NDk4Mi4xNjY2Mjc3NTAxIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTYuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8yMjUvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI3ZGMwMzVjZDBjY2I3YjRjIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5iYzVmODdkYWNkMDFhOTkyLjE2NjYyNzc1MDEzMjgiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
IP
143.204.55.34:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /?sid=ywVkO4XWPeW7Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUdZVFhEODlOMVciXSwiZ2FDbGllbnRJZHMiOlsiMTgzMTk3NDk4Mi4xNjY2Mjc3NTAxIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTYuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9hcHAyLm1hY2tlZXBlcmFmZi5jb20vbGFuZC8yMjUvIiwicGFnZVRpdGxlIjoiTWFjS2VlcGVyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI3ZGMwMzVjZDBjY2I3YjRjIiwic2NyaXB0SWQiOiJ5d1ZrTzRYV1BlVzdaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5iYzVmODdkYWNkMDFhOTkyLjE2NjYyNzc1MDEzMjgiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1
Host: tr-rc.lfeeder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
server: CloudFront
date: Thu, 20 Oct 2022 14:51:30 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jqOAkRvSWEEeip4oHVc2NBEekF15oCijq3QyYTXeWJZY5rOfHt2RwQ==
X-Firefox-Spdy: h2

t.adcell.com/js/trad.js

185.5.82.77

200 OK

22 kB

URL HTTP/2
t.adcell.com/js/trad.js
IP
185.5.82.77:0
ASN
#20546 SOPRADO GmbH

File type
Unicode text, UTF-8 text, with very long lines (33739), with NEL line terminators
Size
22 kB (21466 bytes)
Hash
203702e78f504e36ea49162300dd7e96
2d347480dfbd9d4c69bcc742e205062f689e5d00
37ee59a07e31b6568a71dbf9a3fdf32d573bb8a43964b0e0859d3bc9a08917dc

HTTP Headers

GET /js/trad.js HTTP/1.1
Host: t.adcell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: myracloud
date: Thu, 20 Oct 2022 14:51:30 GMT
content-type: text/javascript
strict-transport-security: max-age=15768000
content-encoding: gzip
vary: accept-encoding
expires: Thu, 20 Oct 2022 14:56:46 GMT
cache-control: max-age=900
etag: "myra-42e358a7"
x-cdn: 1
X-Firefox-Spdy: h2

rp.liadm.com/j?dtstmp=1666277501289&aid=a-015g&se=e30&duid=f810f9c9df2c--01gfty1t7df97z1rp0fvhp7ymt&tna=v2.5.0&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true

3.223.51.75

200 OK

13 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1666277501289&aid=a-015g&se=e30&duid=f810f9c9df2c--01gfty1t7df97z1rp0fvhp7ymt&tna=v2.5.0&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true
IP
3.223.51.75:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

HTTP Headers

GET /j?dtstmp=1666277501289&aid=a-015g&se=e30&duid=f810f9c9df2c--01gfty1t7df97z1rp0fvhp7ymt&tna=v2.5.0&pu=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&wpn=lc-bundle&c=PHRpdGxlPk1hY0tlZXBlcjwvdGl0bGU-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 20 Oct 2022 14:51:30 GMT
content-type: application/json
content-length: 13
trace-id: 95094e00a237f1ef
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 72b03841-79b9-4ebc-b127-d2e96e95a544
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png

54.230.111.78

200 OK

407 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/images/favicon_ua.png
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
407 B (407 bytes)
Hash
471c1c90d41a571f14162d7a8a9c8b9c
b08dfa2783c706945451a8f4890bdb9243936e78
eb625a455a490292aa2a7101dd7b3235bc4c92df0f08349c6663df51b7b66c27

HTTP Headers

GET /mk-land/dist/images/favicon_ua.png HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 407
date: Wed, 19 Oct 2022 08:49:42 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Apr 2022 09:52:27 GMT
etag: "471c1c90d41a571f14162d7a8a9c8b9c"
cache-control: public, max-age=604800
x-amz-version-id: fOjB1uVWJszrafJRMb0A4UZGtOA62i.I
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ORuwLE_K7SdVHuIShnbTiQt0oaWFg-pWXAENN3Ay6tW7EOB3oVK8bA==
age: 108110
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

3.1 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (7751)
Size
3.1 kB (3063 bytes)
Hash
57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 19 Oct 2022 18:56:33 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14708
date: Thu, 20 Oct 2022 14:51:31 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf

54.230.111.78

200 OK

58 kB

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT-Light.otf
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type
OpenType font data\012- data
Size
58 kB (57686 bytes)
Hash
3f74e2a4c23cf68134cfe7535d04bf89
ce0146c8a8c0ebf9290c2c1bc9cb33f1fe5d642d
bb7302061c3080e5595f9052a3314a5c2e83b70294f55896fb80c9d9946f1bcf

HTTP Headers

GET /mk-land/dist/fonts/MarkOT-Light.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/ttf
date: Wed, 19 Oct 2022 08:54:33 GMT
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
etag: W/"48dd0f49a4207634e9062def9074a038"
cache-control: public, max-age=604800
x-amz-version-id: 0k6awkdioEQDqMMUsMLLZL0d1S0LNdte
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q7Ad44N3jjIc4_oBmSSXEdqJFIYORJ-M4eXnU94Y8w4Ft3Q1jPIokw==
age: 107817
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1c33e6b2ef3778775912eaf5b7ba356d
5dfd778427d9add2e9640fc278819781e21ef84e
45473ddf904000369a2968f26ae3f948fd9121cdda72358f0f7ebc782c5fa2d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2009
Cache-Control: max-age=118104
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Etag: "635082f2-1d7"
Expires: Fri, 21 Oct 2022 23:39:55 GMT
Last-Modified: Wed, 19 Oct 2022 23:06:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d3bd8bc0b77639c72e6566716b7fc31e
967b1da7fbb4a5272d68401fb8772e0b1f893e2d
f25481873c253ccfb163d8b193c150906b37b3f680fd904545d112acbf14edd1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app2.mackeeperaff.com/land/api/send-event

3.225.159.165

200 OK

18 kB

URL HTTP/2
app2.mackeeperaff.com/land/api/send-event
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (58481)
Size
18 kB (18045 bytes)
Hash
8aefb930619756db1d60899fdd98242a
1b3e81d59d17c482d05cbe550bfaf6454db5de4a
18baa740d347ee0e103a7e2231d298ba2cc149b07cab1a5cff6738d03c81cfd8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: vowWAifKuOIW6prkb6M7C8uanEsRd6Irk2FGtoYw
X-XSRF-TOKEN: eyJpdiI6IkVcLzVZNWRHQnJOSXhmaXB0WGRzMVZnPT0iLCJ2YWx1ZSI6Ik1VajBoUTJtRkJESGZkT1FUQjZJejNYWHJOZFUrc09wdE9ta3BxNllyclp0NTBXWmV5Y1JUWDdEc0diT2JCbmxsT0RwWGtsWmhxN2ZhRXZNTjN1TEFGb3ViQXRnMDdOSWdieU9Tc1dNZkU3VlV6K1Y3ajFCOE54UXRLZ1U4VmZrIiwibWFjIjoiMGI4ZTUxYWQwMzZlYjI5YzQ0MzhkMWIyZDY5ZDQ5NzU2YTAyNzllNmM0NGRkMjA3MTYzNjA4NDE5ZjE0OGUzNCJ9
Content-Length: 104
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/225/
Cookie: XSRF-TOKEN=eyJpdiI6IkVcLzVZNWRHQnJOSXhmaXB0WGRzMVZnPT0iLCJ2YWx1ZSI6Ik1VajBoUTJtRkJESGZkT1FUQjZJejNYWHJOZFUrc09wdE9ta3BxNllyclp0NTBXWmV5Y1JUWDdEc0diT2JCbmxsT0RwWGtsWmhxN2ZhRXZNTjN1TEFGb3ViQXRnMDdOSWdieU9Tc1dNZkU3VlV6K1Y3ajFCOE54UXRLZ1U4VmZrIiwibWFjIjoiMGI4ZTUxYWQwMzZlYjI5YzQ0MzhkMWIyZDY5ZDQ5NzU2YTAyNzllNmM0NGRkMjA3MTYzNjA4NDE5ZjE0OGUzNCJ9; mackeeper_session=eyJpdiI6IlVRZXZJTjVBR1pGWjBHSWlZR3NjSnc9PSIsInZhbHVlIjoiQzBtR01HRXk4MVRjMmdFcjRFRjZ3eHhwdUNlTDJUZngwazlSTmNkSGpYRFZwZmVKbjNPaUM5elljQ2lCN2p6Vk5cLzRBK1FteDJcL2NueUdraHdVeVNtaTJhR3RXZlZBUG83OG93MHV6RUZselFZcXZIMjNxVXpKeHF0RmJFZVRONSIsIm1hYyI6ImQwOTBhNTgwNzE3ZmVjZWQzMDA5OWE3ZjU5NGU3MjE1ZDRkMGE4ZjdhZTBiN2JjODJmOGMxMmM3MjBjNDkwNDcifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 20 Oct 2022 14:51:30 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 178
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: a11574f4983c300e02d201a9511c5b6e
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
038718f2af2127c43a536906536901d6
7443f6c69b456b9b6d91f274ee2d395d30851dac
78909b697ea6987336df513055387483bbaf4b78bfe9be1ebee8e009aa1704ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app2.mackeeperaff.com/land/api/send-event

3.225.159.165

200 OK

43 kB

URL HTTP/2
app2.mackeeperaff.com/land/api/send-event
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type
data
Size
43 kB (43332 bytes)
Hash
3b0e1987fb1673cc2a50465cd72fc397
cc83ae4758c5770e59c1bad381036d28bcfa4017
7b4dd3f866d9cf6aa21c3a0bbd0be7ffa251ce35aa1ce25f6b8d3aa739fc9c3b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /land/api/send-event HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-TOKEN: vowWAifKuOIW6prkb6M7C8uanEsRd6Irk2FGtoYw
X-XSRF-TOKEN: eyJpdiI6IkVcLzVZNWRHQnJOSXhmaXB0WGRzMVZnPT0iLCJ2YWx1ZSI6Ik1VajBoUTJtRkJESGZkT1FUQjZJejNYWHJOZFUrc09wdE9ta3BxNllyclp0NTBXWmV5Y1JUWDdEc0diT2JCbmxsT0RwWGtsWmhxN2ZhRXZNTjN1TEFGb3ViQXRnMDdOSWdieU9Tc1dNZkU3VlV6K1Y3ajFCOE54UXRLZ1U4VmZrIiwibWFjIjoiMGI4ZTUxYWQwMzZlYjI5YzQ0MzhkMWIyZDY5ZDQ5NzU2YTAyNzllNmM0NGRkMjA3MTYzNjA4NDE5ZjE0OGUzNCJ9
Content-Length: 103
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/land/225/
Cookie: XSRF-TOKEN=eyJpdiI6IkVcLzVZNWRHQnJOSXhmaXB0WGRzMVZnPT0iLCJ2YWx1ZSI6Ik1VajBoUTJtRkJESGZkT1FUQjZJejNYWHJOZFUrc09wdE9ta3BxNllyclp0NTBXWmV5Y1JUWDdEc0diT2JCbmxsT0RwWGtsWmhxN2ZhRXZNTjN1TEFGb3ViQXRnMDdOSWdieU9Tc1dNZkU3VlV6K1Y3ajFCOE54UXRLZ1U4VmZrIiwibWFjIjoiMGI4ZTUxYWQwMzZlYjI5YzQ0MzhkMWIyZDY5ZDQ5NzU2YTAyNzllNmM0NGRkMjA3MTYzNjA4NDE5ZjE0OGUzNCJ9; mackeeper_session=eyJpdiI6IlVRZXZJTjVBR1pGWjBHSWlZR3NjSnc9PSIsInZhbHVlIjoiQzBtR01HRXk4MVRjMmdFcjRFRjZ3eHhwdUNlTDJUZngwazlSTmNkSGpYRFZwZmVKbjNPaUM5elljQ2lCN2p6Vk5cLzRBK1FteDJcL2NueUdraHdVeVNtaTJhR3RXZlZBUG83OG93MHV6RUZselFZcXZIMjNxVXpKeHF0RmJFZVRONSIsIm1hYyI6ImQwOTBhNTgwNzE3ZmVjZWQzMDA5OWE3ZjU5NGU3MjE1ZDRkMGE4ZjdhZTBiN2JjODJmOGMxMmM3MjBjNDkwNDcifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 20 Oct 2022 14:51:30 GMT
content-type: application/json
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 180
x-ratelimit-remaining: 178
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: b6a34ea8a34b4edd7fdf61ef7601a847
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27027 bytes)
Hash
71875f848896ee82a106224e048bd060
277a624e507dff2cd9cff104aa0c5618ca76e105
a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: JxkIHOSqB7VuLR6kz0J4G1MRUd9zxYdXL2wnVD57MI2mU5fpjRnp28CKHYOQWmDlHkv0zCvqE+j+ntYe/DUyUg==
priority: u=3,i
content-length: 27027
x-fb-trip-id: 2074150462
date: Thu, 20 Oct 2022 14:51:31 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bat.bing.com/bat.js

13.107.21.200

200 OK

11 kB

URL HTTP/2
bat.bing.com/bat.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size
11 kB (11376 bytes)
Hash
babb0d09b27851a7c080c2843211eb91
cf41327a7f5a83c8343e85741bc34cb53050449a
adc4ea8ee48fd9337d951234bd345899ddb116cad409265ee2cf01733ac82e84

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11376
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=37BB764A0DE86ED1019664090C1D6F44; domain=.bing.com; expires=Tue, 14-Nov-2023 14:51:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF36B6DD39AE48068AE82B77431618A3 Ref B: OSL30EDGE0519 Ref C: 2022-10-20T14:51:31Z
date: Thu, 20 Oct 2022 14:51:30 GMT
X-Firefox-Spdy: h2

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

15 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1654)
Size
15 kB (15187 bytes)
Hash
8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 Oct 2022 14:51:31 GMT
expires: Thu, 20 Oct 2022 14:51:31 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

script.hotjar.com/modules.5f63ca60a03298133ad8.js

143.204.55.40

200 OK

66 kB

URL HTTP/2
script.hotjar.com/modules.5f63ca60a03298133ad8.js
IP
143.204.55.40:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
66 kB (66045 bytes)
Hash
eb4f228026ced3bcaadde65163571860
6b60d25e6ae4145acddaeab73a79b1698a1fc645
36480b075df69bd1ede20b9d23690cd5181d895899bb6cd1500afb48cd25ae25

HTTP Headers

GET /modules.5f63ca60a03298133ad8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 66045
date: Tue, 18 Oct 2022 12:18:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "eb4f228026ced3bcaadde65163571860"
last-modified: Tue, 18 Oct 2022 12:17:20 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7Ojxbzyz-lc4t-bHqbAdL4dwGZW-rbdsd7eV49u8QzQFXilRR47tig==
age: 182005
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1831974982.1666277501&gtm=2oeah0&aip=1&z=1868280829

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1831974982.1666277501&gtm=2oeah0&aip=1&z=1868280829
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYTXD89N1W&cid=1831974982.1666277501&gtm=2oeah0&aip=1&z=1868280829 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1c33e6b2ef3778775912eaf5b7ba356d
5dfd778427d9add2e9640fc278819781e21ef84e
45473ddf904000369a2968f26ae3f948fd9121cdda72358f0f7ebc782c5fa2d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2009
Cache-Control: max-age=118104
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Etag: "635082f2-1d7"
Expires: Fri, 21 Oct 2022 23:39:55 GMT
Last-Modified: Wed, 19 Oct 2022 23:06:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 20 Oct 2022 14:41:09 GMT
expires: Thu, 20 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 622
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/signals/config/1593188040964422?v=2.9.87&r=stable

31.13.72.12

200 OK

86 kB

URL HTTP/2
connect.facebook.net/signals/config/1593188040964422?v=2.9.87&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64471)
Size
86 kB (86219 bytes)
Hash
ae65f456bad6c739924047538e510e2b
6f9310343a26925830d0d8e537a41e896616b04f
ec781efead0fdb44ea2d8b579484eb57b96f0b198253a057a744a3841e16600c

HTTP Headers

GET /signals/config/1593188040964422?v=2.9.87&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ZtgHT4vos0SKsUdpgLIjInyVK95OEst5vFC7oRxg8luoTXtz/mOO0Z07NRHX/j8LkH9bgJYpCelxUetVI3zPZg==
priority: u=3,i
content-length: 86219
x-fb-trip-id: 2074150462
date: Thu, 20 Oct 2022 14:51:31 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W&gtm=2oeah0&_p=2993938&_gaz=1&cid=1831974982.1666277501&ul=en-us&sr=1280x1024&_s=1&sid=1666277501&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-GYTXD89N1W&gtm=2oeah0&_p=2993938&_gaz=1&cid=1831974982.1666277501&ul=en-us&sr=1280x1024&_s=1&sid=1666277501&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GYTXD89N1W&gtm=2oeah0&_p=2993938&_gaz=1&cid=1831974982.1666277501&ul=en-us&sr=1280x1024&_s=1&sid=1666277501&sct=1&seg=0&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&dt=MacKeeper&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9913b2fe72036775e678417cac56a8df
27c2b0d99c3827f12c343763d8ba33c6e2d73188
32c6987be8e8c289fbb1f31350783dbc22003be71e80aa3d4acb293b434d805e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4ded5812e05504cc00fe8fbe84f15f4
0dc42fa74a67e7d0a56cb443fe8eab00a9d74ab5
270f810160a5e4309084e76c3657d97f4f4bd490b35fb9f1bda2f9c856f4f27b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

143.204.55.105

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
IP
143.204.55.105:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
d2c298a660a1ee92f094a3d504e3e2e6
13fd39d202cf3e00be906a798921386b403e15c5
4aa80b9ea27a402072083d23dd118c6be178b90efb7ff0014c8b87c180655bdb

HTTP Headers

GET /box-c1417f7b48595d0dbca01c86f95d6dbb.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Tue, 18 Oct 2022 09:12:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jbEjTZ5e0k0AYDbwiXu2eXqq1xBeQ_JOESu2zjNWwOOEFpWkW3SVmQ==
age: 193165
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1666277501906&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1666277501906&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3865705&time=1666277501906&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1666277501906%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F225%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLYxKqsfyRQvgAAAYP14MICcU7uNEdnnJe2cgppmx6oLyTws-5Am3DfZQU17VZ2aIBqKXKJn0mqSA; Max-Age=2592000; Expires=Sat, 19 Nov 2022 14:51:31 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLpDlznaBYxAQAAAYP14MICyuOEVPEKOi6-_XIquiPOLsVLwK--Ath9igoM4TU8bV0wXy7B27EGaXMDb1cybQ; Max-Age=2592000; Expires=Sat, 19 Nov 2022 14:51:31 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&16759370-ef61-403e-8a9f-afe963899dbc"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 20-Oct-2023 14:51:31 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2411:u=1:x=1:i=1666277491:t=1666363891:v=2:sig=AQFLNV2Ea2kRryWxPfTzUMNROVlqJgYS"; Expires=Fri, 21 Oct 2022 14:51:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXreHX1sdHJrT3DIQOdNQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CEE91CA369344F4E8AE4332D7ABE74B9 Ref B: OSL30EDGE0210 Ref C: 2022-10-20T14:51:31Z
date: Thu, 20 Oct 2022 14:51:31 GMT
content-length: 0
X-Firefox-Spdy: h2

bat.bing.com/p/action/36002432.js

13.107.21.200

200 OK

1.4 kB

URL HTTP/2
bat.bing.com/p/action/36002432.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1423 bytes)
Hash
af03844de699f6e7e0ed552f725a22df
10eae56beeacb28641d52a664eccaf4818bad5fe
472f9e0968b39c41aa022478f9d20e01e5131d6bd50451676cefad81427420ac

HTTP Headers

GET /p/action/36002432.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1423
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=3FADD6186C0A62480F90C45B6DFF63FB; domain=.bing.com; expires=Tue, 14-Nov-2023 14:51:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D91E0E38468E43D5A860C1CC5D93CB5B Ref B: OSL30EDGE0519 Ref C: 2022-10-20T14:51:31Z
date: Thu, 20 Oct 2022 14:51:30 GMT
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=36002432&Ver=2&mid=3a38686c-83fa-49f2-a062-8982b20bdb59&sid=b58e84e0508611ed906a076fb2c24724&vid=b58e7320508611ed834033143f3427f6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&r=&lt=2595&evt=pageLoad&sv=1&rn=865580

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=36002432&Ver=2&mid=3a38686c-83fa-49f2-a062-8982b20bdb59&sid=b58e84e0508611ed906a076fb2c24724&vid=b58e7320508611ed834033143f3427f6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&r=&lt=2595&evt=pageLoad&sv=1&rn=865580
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=36002432&Ver=2&mid=3a38686c-83fa-49f2-a062-8982b20bdb59&sid=b58e84e0508611ed906a076fb2c24724&vid=b58e7320508611ed834033143f3427f6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&r=&lt=2595&evt=pageLoad&sv=1&rn=865580 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1929753AF1CE6D7029B16779F03B6CD1; domain=.bing.com; expires=Tue, 14-Nov-2023 14:51:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F6F2A23B7424CDE96A1E243D34AF279 Ref B: OSL30EDGE0519 Ref C: 2022-10-20T14:51:31Z
date: Thu, 20 Oct 2022 14:51:30 GMT
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=36002432&Ver=2&mid=3a38686c-83fa-49f2-a062-8982b20bdb59&sid=b58e84e0508611ed906a076fb2c24724&vid=b58e7320508611ed834033143f3427f6&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=418385

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=36002432&Ver=2&mid=3a38686c-83fa-49f2-a062-8982b20bdb59&sid=b58e84e0508611ed906a076fb2c24724&vid=b58e7320508611ed834033143f3427f6&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=418385
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=36002432&Ver=2&mid=3a38686c-83fa-49f2-a062-8982b20bdb59&sid=b58e84e0508611ed906a076fb2c24724&vid=b58e7320508611ed834033143f3427f6&vids=0&msclkid=N&ec=pageview&gc=USD&tpp=1&ea=all_except_22019_cleaning&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=418385 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=28F04E6A0EAE6827384B5C290F5B6915; domain=.bing.com; expires=Tue, 14-Nov-2023 14:51:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 750AFEF982DF44F59B3226B0C5296614 Ref B: OSL30EDGE0519 Ref C: 2022-10-20T14:51:31Z
date: Thu, 20 Oct 2022 14:51:31 GMT
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1831974982.1666277501&gtm=2oeah0&aip=1

173.194.73.154

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-GYTXD89N1W&cid=1831974982.1666277501&gtm=2oeah0&aip=1
IP
173.194.73.154:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GYTXD89N1W&cid=1831974982.1666277501&gtm=2oeah0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://app2.mackeeperaff.com
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

trc.taboola.com/1212352/trc/3/json?tim=1666277501945&data=%7B%22id%22%3A43%2C%22ii%22%3A%22%2Fland%2F225%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666277501941%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666277501944%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A21%2C%22supv%22%3Atrue%7D%7D&pubit=i

151.101.85.44

200 OK

1.8 kB

URL HTTP/2
trc.taboola.com/1212352/trc/3/json?tim=1666277501945&data=%7B%22id%22%3A43%2C%22ii%22%3A%22%2Fland%2F225%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666277501941%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666277501944%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A21%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
data
Size
1.8 kB (1794 bytes)
Hash
9594e29af0b13028bad7b83e5b9d1ac2
7164060c851d17cb425997645b37ca8090a7c9b5
0bdb9b81e758cc27264e4efa03f68719f76a267c775c0803c532f221ca50ed72

HTTP Headers

GET /1212352/trc/3/json?tim=1666277501945&data=%7B%22id%22%3A43%2C%22ii%22%3A%22%2Fland%2F225%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666277501941%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkrometch-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666277501944%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A21%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 20 Oct 2022 14:51:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666277491.207146,VS0,VE93
vary: Accept-Encoding
x-vcl-time-ms: 93
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-157596782-1&cid=1831974982.1666277501&jid=582424974&gjid=753379352&_gid=903001799.1666277502&_u=YADAAEAAQAAAACAEK~&z=1194487922

173.194.73.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-157596782-1&cid=1831974982.1666277501&jid=582424974&gjid=753379352&_gid=903001799.1666277502&_u=YADAAEAAQAAAACAEK~&z=1194487922
IP
173.194.73.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-157596782-1&cid=1831974982.1666277501&jid=582424974&gjid=753379352&_gid=903001799.1666277502&_u=YADAAEAAQAAAACAEK~&z=1194487922 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://app2.mackeeperaff.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9b69a272ed9d08cfd860757647ecdfb5
3730e4f33b3a487483171bf1b7cf8e107332aa24
17c5129edaad6d1c025696835726c8d72901c0ff9b6e6e6456fcfa6104aaa148

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5182
Cache-Control: max-age=163787
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Etag: "63512900-1d7"
Expires: Sat, 22 Oct 2022 12:21:18 GMT
Last-Modified: Thu, 20 Oct 2022 10:54:56 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9b69a272ed9d08cfd860757647ecdfb5
3730e4f33b3a487483171bf1b7cf8e107332aa24
17c5129edaad6d1c025696835726c8d72901c0ff9b6e6e6456fcfa6104aaa148

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3791
Cache-Control: max-age=162396
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Etag: "63512900-1d7"
Expires: Sat, 22 Oct 2022 11:58:07 GMT
Last-Modified: Thu, 20 Oct 2022 10:54:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1666277502027&cv=9&fst=1666277502027&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.211.2

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1666277502027&cv=9&fst=1666277502027&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2192), with no line terminators
Size
1.0 kB (1011 bytes)
Hash
f30ba17acce99f58801fa66846cc1f0f
7f890670e2c698ff345370049f03ddb73e5636df
a76e56c56cb9772f8233f86b7a0e433810c2579c3037ab6ad18ad191eaad4905

HTTP Headers

GET /pagead/viewthroughconversion/1010020041/?random=1666277502027&cv=9&fst=1666277502027&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1011
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 15:06:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4ded5812e05504cc00fe8fbe84f15f4
0dc42fa74a67e7d0a56cb443fe8eab00a9d74ab5
270f810160a5e4309084e76c3657d97f4f4bd490b35fb9f1bda2f9c856f4f27b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1666277502024&cv=9&fst=1666277502024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.211.2

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1666277502024&cv=9&fst=1666277502024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2190), with no line terminators
Size
1.0 kB (1013 bytes)
Hash
fc22dd27b0c6471a2a49c48cf8e65842
df9c0dce700907cc1a97d0dc76cf68dc2d3e94a3
f22c92dd1d85efe04887e3e2a942ee993a2db1b387a7602bb2286fe242ac9207

HTTP Headers

GET /pagead/viewthroughconversion/854379023/?random=1666277502024&cv=9&fst=1666277502024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1013
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 15:06:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1666277502028&cv=9&fst=1666277502028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.211.2

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1666277502028&cv=9&fst=1666277502028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2190), with no line terminators
Size
1.0 kB (1014 bytes)
Hash
f9050e86abe0d18d9379292e93a05d1b
54cc71543f1788fe7e38efa240f8e7bb1e938948
10c521293876b2ca5d93805827b80a81d263c1ecf928a4e861f1857f71c163c0

HTTP Headers

GET /pagead/viewthroughconversion/957119846/?random=1666277502028&cv=9&fst=1666277502028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1014
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 15:06:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10013499.json

87.248.119.251

200 OK

2 B

URL HTTP/2
s.yimg.com/wi/config/10013499.json
IP
87.248.119.251:0
ASN
#203220 Yahoo! UK Services Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10013499.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: EYB1P968MWVKVK01
x-amz-id-2: F1mC7tABE5znrkLH6FQ2L1q0ClMDRr/vsQjyIfJnd/RrmMcyScLAZ18Fg0Mo12BhmW6FuiJFqrs=
content-type: application/json
date: Thu, 20 Oct 2022 14:33:33 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 1078
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1666277502029&cv=9&fst=1666277502029&num=1&fmt=3&value=0&label=9Uq1COfCvoMDEMndzuED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1

216.58.211.2

200 OK

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1666277502029&cv=9&fst=1666277502029&num=1&fmt=3&value=0&label=9Uq1COfCvoMDEMndzuED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/1010020041/?random=1666277502029&cv=9&fst=1666277502029&num=1&fmt=3&value=0&label=9Uq1COfCvoMDEMndzuED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 15:06:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1666277502026&cv=9&fst=1666277502026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.211.2

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1666277502026&cv=9&fst=1666277502026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2188), with no line terminators
Size
1.0 kB (1011 bytes)
Hash
6332fd5de061ea86f235784aa374dc02
9d649984906b8b53e8220aec9b20acabf60bd562
a88837b9d0a182b54da9310e9c9c5ad555a94a88650b38675c0797ba9cde4274

HTTP Headers

GET /pagead/viewthroughconversion/983482265/?random=1666277502026&cv=9&fst=1666277502026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgah0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&tiba=MacKeeper&auid=1821804226.1666277501&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 14:51:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1011
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 15:06:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949

70.42.32.95

200 OK

56 B

URL HTTP/1.1
tr.outbrain.com/cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949
IP
70.42.32.95:0
ASN
#22075 AS-OUTBRAIN

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599

HTTP Headers

GET /cachedClickId?marketerId=005ba92794eafc10da81bd91da6dc1a949 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 14:51:31 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: dca2bbb2f5d9eda92ace627b22e2b315
content-encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 14:51:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.hotjar.com/c/hotjar-190484.js?sv=7

143.204.55.98

200 OK

2.6 kB

URL HTTP/2
static.hotjar.com/c/hotjar-190484.js?sv=7
IP
143.204.55.98:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4227)
Size
2.6 kB (2602 bytes)
Hash
c1a5a716a43068ec16a70db8fc3f27a0
eb9c13bf61f859cca4373e2a7ad24a319fd2403e
1a943868526106ea481bbe2225a691ee7b69ce6ad57ef35259b02536881f5f10

HTTP Headers

GET /c/hotjar-190484.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 20 Oct 2022 14:51:31 GMT
cache-control: max-age=60
etag: W/5e9438c81ee83d943867f08b60428e80
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KL0D5pv-l9TP0f1xe53_wcDa7BkzBx3d5ypywEvoD3jEWwnQjTqC6A==
age: 13
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
72e87d973d19a2044ee539cf8b062914
2767c2a9e7edfc63bcbaf7d10fc6a51f27b2307f
cffb5ae71b543b1a4b6609ddb1f29153a2ce0b78c214d879f67f0da0eb91cfb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86697
Date: Thu, 20 Oct 2022 14:51:31 GMT
Etag: "635008c2-1d7"
Expires: Fri, 21 Oct 2022 14:56:28 GMT
Last-Modified: Wed, 19 Oct 2022 14:25:06 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UVAhQNipWhAzULZyznT1LLjJZohjBLq8V5jaIDqubx2-yn83ocP7dQ==
Age: 1882

www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&rl=&if=false&ts=1666277502286&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1666277502286.1021948486&it=1666277502005&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&rl=&if=false&ts=1666277502286&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1666277502286.1021948486&it=1666277502005&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&rl=&if=false&ts=1666277502286&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1666277502286.1021948486&it=1666277502005&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 20 Oct 2022 14:51:31 GMT
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1666277501906%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F225%252F%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1666277501906%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F225%252F%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3865705%26time%3D1666277501906%26url%3Dhttps%253A%252F%252Fapp2.mackeeperaff.com%252Fland%252F225%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1666277501906&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&47447a9f-740b-41ed-8c36-751baefc1a50"; Domain=.linkedin.com; Expires=Fri, 20-Oct-2023 14:51:31 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221020145131c8d14d83-ae3f-48c3-8cfc-1bec6cc0ca6dAQGeGyY0CCkrKXggN0rU6kk4CM3A6454"; Domain=.www.linkedin.com; Expires=Fri, 20-Oct-2023 14:51:31 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjYyNzc0OTE7MjswMjEv2fZvEVpyvmDvOLoz0+rnHJILO5GGnrOaFJuWTUEo4Q==; Domain=.linkedin.com; Expires=Tue, 18 Apr 2023 14:51:31 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2411:u=1:x=1:i=1666277491:t=1666363891:v=2:sig=AQFLNV2Ea2kRryWxPfTzUMNROVlqJgYS"; Expires=Fri, 21 Oct 2022 14:51:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXreHX/E113bYrrk2Gvxg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E81A881A934B43E8A89D8FE269F78A21 Ref B: OSL30EDGE0210 Ref C: 2022-10-20T14:51:31Z
date: Thu, 20 Oct 2022 14:51:31 GMT
content-length: 0
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1666277501906&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3865705&time=1666277501906&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3865705&time=1666277501906&url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&611075d4-bce8-466d-86ea-b5b186700255"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 20-Oct-2023 14:51:31 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2411:u=1:x=1:i=1666277491:t=1666363891:v=2:sig=AQFLNV2Ea2kRryWxPfTzUMNROVlqJgYS"; Expires=Fri, 21 Oct 2022 14:51:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXreHYBWASnT36r0wCbbg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6DBD13F42E8A4D0D8254D43EDDFED165 Ref B: OSL30EDGE0210 Ref C: 2022-10-20T14:51:31Z
date: Thu, 20 Oct 2022 14:51:31 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&RedC=c.clarity.ms&MXFR=2113D8B1FD4967033527CAF2F949691F
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2113D8B1FD4967033527CAF2F949691F; domain=.clarity.ms; expires=Tue, 14-Nov-2023 14:51:32 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 20 Oct 2022 14:51:31 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&RedC=c.clarity.ms&MXFR=2113D8B1FD4967033527CAF2F949691F

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&RedC=c.clarity.ms&MXFR=2113D8B1FD4967033527CAF2F949691F
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&RedC=c.clarity.ms&MXFR=2113D8B1FD4967033527CAF2F949691F HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&MUID=2D07A9B6D0A163B83BDFBBF5D15462E1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2D07A9B6D0A163B83BDFBBF5D15462E1; domain=c.bing.com; expires=Tue, 14-Nov-2023 14:51:32 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F51A400BCCC4845A6C136368DFC9550 Ref B: OSL30EDGE0519 Ref C: 2022-10-20T14:51:32Z
date: Thu, 20 Oct 2022 14:51:31 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&MUID=2D07A9B6D0A163B83BDFBBF5D15462E1

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&MUID=2D07A9B6D0A163B83BDFBBF5D15462E1
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=53457532CDF849D6B9EF59D7EC81C734&MUID=2D07A9B6D0A163B83BDFBBF5D15462E1 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app2.mackeeperaff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 20-Oct-2022 15:01:32 GMT; path=/; SameSite=None; Secure;
date: Thu, 20 Oct 2022 14:51:31 GMT
content-length: 42
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2020%20Oct%202022%2014%3A51%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

76.13.32.146

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2020%20Oct%202022%2014%3A51%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
76.13.32.146:0
ASN
#26101 YAHOO-BF1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Thu%2C%2020%20Oct%202022%2014%3A51%3A42%20GMT&n=0&b=MacKeeper&.yp=10013499&f=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 20 Oct 2022 14:51:32 GMT
expires: Thu, 20 Oct 2022 14:51:32 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHRgUWMCEPFUkG4H1YzkNaxFseE933cFEgEBAQGxUmNbYwAAAAAA_eMAAA&S=AQAAAknFVfveG4c1Jp4ejFNTNHc; Expires=Fri, 20 Oct 2023 20:51:32 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1454
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
date: Thu, 20 Oct 2022 14:51:32 GMT
X-Firefox-Spdy: h2

trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1564&scd=21&ssd=1&est=1666277501943&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666277503508&vi=1666277501941&ri=5e848b52bfab88f50c20bf6f4b8e4b87&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=1564&scd=21&ssd=1&est=1666277501943&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666277503508&vi=1666277501941&ri=5e848b52bfab88f50c20bf6f4b8e4b87&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1212352/log/3/unip?en=pre_d_eng_tb&tos=1564&scd=21&ssd=1&est=1666277501943&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666277503508&vi=1666277501941&ri=5e848b52bfab88f50c20bf6f4b8e4b87&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 14:51:32 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 29897
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
date: Thu, 20 Oct 2022 14:51:32 GMT
X-Firefox-Spdy: h2

trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=4566&scd=21&ssd=1&est=1666277501943&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1666277506510&vi=1666277501941&ri=5e848b52bfab88f50c20bf6f4b8e4b87&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1212352/log/3/unip?en=pre_d_eng_tb&tos=4566&scd=21&ssd=1&est=1666277501943&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1666277506510&vi=1666277501941&ri=5e848b52bfab88f50c20bf6f4b8e4b87&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1212352/log/3/unip?en=pre_d_eng_tb&tos=4566&scd=21&ssd=1&est=1666277501943&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1666277506510&vi=1666277501941&ri=5e848b52bfab88f50c20bf6f4b8e4b87&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Fapp2.mackeeperaff.com%2Fland%2F225%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 14:51:35 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5566 bytes)
Hash
4b38fcf82dcb60f48ee2b0df158d2eb6
14207b4845fc4c2c72a18a77cbcbe5f50aa9056e
4cff326ed72c61a05f1150ac1a5423b006915bbb25dfaa11dadab2c24e71de1a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5566
x-amzn-requestid: 0eb4a0a4-9659-4c49-81d4-cd605eceed66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZKGEwzIAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506f0d-0bc0a25f4f5b1e893f448ae2;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:41:33 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HJ79GtM4BktNGSt8djSSWbAKtnICVZBOrIzKUg1mrJpV1j_xQqAMxQ==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:54:06 GMT
age: 61050
etag: "14207b4845fc4c2c72a18a77cbcbe5f50aa9056e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_one.svg

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_one.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/svg/landings/225/soft_one.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:07 GMT
etag: W/"bf6ed3f56235d31918a17604a3131f52"
cache-control: public, max-age=604800
x-amz-version-id: o6Ym8udUKvbAiqjYfNJ3_cK41O7hKn6Y
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W_ptawseQOqqxwVRvvL5fh1apJ5OT2Hb4X0lgdhJV6jopHE2qpNU3w==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?5d40e965e8fcb218406d

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/critical/script.min.js?5d40e965e8fcb218406d
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/critical/script.min.js?5d40e965e8fcb218406d HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 19 Oct 2022 08:49:38 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 08:54:23 GMT
etag: W/"978916c1832b2db29b186d1578d5e378"
cache-control: public, max-age=604800
x-amz-version-id: BhWMZZ9PEhWMvFGBfg5J.vwJQdWMdbz2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kMLuhEx1b5h9cGJwrl_JET8A1PiQxP2lSPa7rz7ttB6IMvPOGOdazg==
age: 108112
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/fonts/MarkOT.otf
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/fonts/MarkOT.otf HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://static-cdn.mackeeper.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/ttf
date: Wed, 19 Oct 2022 08:54:33 GMT
access-control-allow-origin: https://app2.mackeeperaff.com
access-control-allow-methods: GET
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Sep 2020 13:01:11 GMT
etag: W/"106ae5fa4d0e51fa73ed42c3beecda5e"
cache-control: public, max-age=604800
x-amz-version-id: Eju.irxG68JYjYuEi7BGXEsqN0F4MTaA
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -OodBNFaHwJRLo15xBg-aTOp_ZLNvWQX_iT5AUDLjWuUdF2l-RDvIw==
age: 107818
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk-logo-ua.svg

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/components/logo/mk-logo-ua.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/svg/components/logo/mk-logo-ua.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 19 Oct 2022 08:49:38 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 19 Apr 2022 14:50:37 GMT
etag: W/"0443bcb5ae8253499f7df7f80c45fc8c"
cache-control: public, max-age=604800
x-amz-version-id: sx6d65Ik.60EPUJCncti20jd8v0DNMRK
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zg_FrAfH-L2aCs_YL1p5p1a-49dHZnXpsLc7IWTsn1dh4u59prOzwA==
age: 108112
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/appesteem.svg

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/appesteem.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/svg/landings/225/appesteem.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 19 Oct 2022 09:20:16 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:01 GMT
etag: W/"11483e7c23b09ca50a06de72c255ce87"
cache-control: public, max-age=604800
x-amz-version-id: 3fMgzXzf95Ipu35ulrRn6b7jas.YfNqP
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2YZO7TGEGJrTJRGJoZZ5k25uyGegHrmsi6_CxQQrhT1oRYtPHVIMew==
age: 106274
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/shopper.svg

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/shopper.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/svg/landings/225/shopper.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 19 Oct 2022 09:20:19 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:07 GMT
etag: W/"316255d136699b84962ae8e7e650fb4a"
cache-control: public, max-age=604800
x-amz-version-id: fKOEyyccH3jv1UtvKiv9xzpyRS0Q0D43
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0y3XRJ7_-_A4ntBMymXFxThyy24bN1IBUlaXzUdUAaH_R40ZC-iicw==
age: 106270
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/225/style.webp.min.css?3a6665f1aefdfa6e7708

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/225/style.webp.min.css?3a6665f1aefdfa6e7708
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/225/style.webp.min.css?3a6665f1aefdfa6e7708 HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Wed, 19 Oct 2022 09:22:33 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Aug 2022 13:12:49 GMT
etag: W/"4457db8fd1db6eab9c5f3d3d1c9974f7"
cache-control: public, max-age=604800
x-amz-version-id: AN8xanEF4YT_30ZnWEN6rFUop6tBr4SX
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kRij7XDPEWgo1DGOvYM1mimQqGq2FKCl8vMSJHUi6PatTGDNdaRruw==
age: 106137
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/225/script.min.js?4e6f2e1118e36c4972af

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/225/script.min.js?4e6f2e1118e36c4972af
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/225/script.min.js?4e6f2e1118e36c4972af HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 19 Oct 2022 09:20:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 08:53:51 GMT
etag: W/"2fe9559f1db9fa3f5c4fb4bd7115605b"
cache-control: public, max-age=604800
x-amz-version-id: .zptg2Edi2ch1KcLxt34_WISgbusPa_b
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fcAF8jMqvCGlm1TePfgbWMFNFUt51gtH_YJkFbTejIv6C9LX0XJsFA==
age: 106279
X-Firefox-Spdy: h2

app2.mackeeperaff.com/land/225/

3.225.159.165

200 OK

0 B

URL HTTP/2
app2.mackeeperaff.com/land/225/
IP
3.225.159.165:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /land/225/ HTTP/1.1
Host: app2.mackeeperaff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 20 Oct 2022 14:51:29 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src 'self' *.hotjar.com *.mackeeper.com;frame-ancestors 'none';frame-src 'self' 'unsafe-inline' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.surveygizmo.com *.liadm.com *.typeform.com mc.yandex.ru *.js.ad-score.com *.cdn.onesignal.com *.onesignal.com *.criteo.com static-cdn.mackeeper.com;child-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com blob: *.cdn.onesignal.com *.onesignal.com *.liadm.com static-cdn.mackeeper.com;form-action 'self' *.mackeeper.com *.facebook.com;img-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gp *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.nf *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tk *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com data: *.2mdn.net *.pagead2.googlesyndication.com *.glotgrx.com *.lporirxe.com *.exelator.com *.owox.com *.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.yahoo.co.jp *.apimzb-adserver.cloudmccloud.com *.3lift.com *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com mc.yandex.ru cx.atdmt.com *.baidu.com *.gstatstrk.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.zoomsupport.com *.cloudmccloud.com linkconnector.com *.linkconnector.com *.linkedin.com https://p.adsymptotic.com *.clarity.ms *.lfeeder.com static-cdn.mackeeper.com *.imcounting.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.linksynergy.com *.mackeeper.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com l2.io *.inspectlet.com *.googlesyndication.com *.sagetrc.com *.glotgrx.com *.lporirxe.com b-code.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.cloudfront.net *.yimg.jp *.addtocalendar.com *.yahoo.co.jp blob: *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com *.s.ytimg.com *.typeform.com *.calendly.com *.linkconnector.com mc.yandex.ru *.js.ad-score.com *.baidu.com *.cdn.onesignal.com *.onesignal.com *.rtmark.net *.taboola.com *.engine.4dsply.com *.engine.spotscenered.info *.engine.3dspk.com *.we3red.com *.engine.asadap.com *.engine.nictelroalps.com *.engine.liondigitalserving.com *.engine.addroplet.com *.beritapria.com cdnjs.cloudflare.com *.clickcease.com *.sentry-cdn.com *.criteo.net *.criteo.com https://snpa.licdn.com linkconnector.com *.dwin1.com *.awin1.com *.zenaps.com *.the.sciencebehindecommerce.com *.licdn.com *.liadm.com *.clarity.ms *.adcell.com *.lfeeder.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.a.disquscdn.com *.disqus.com *.googleapis.com *.fonts.gstatic.com *.referrer.disqus.com *.google.com *.google.com.ua *.addtocalendar.com *.surveygizmo.com *.cdn.onesignal.com *.onesignal.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com *.googletagmanager.com;font-src 'self' data: *.doubleclick.net *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com *.surveygizmo.com https://zchat.account.sz.mackeeper.com https://zchat.account.mackeeper.com static-cdn.mackeeper.com;object-src *.doubleclick.net *.flowplayer.org *.mackeeper.com *.twimg.com *.twitter.com *.pagead2.googlesyndication.com *.liadm.com static-cdn.mackeeper.com;connect-src 'self' *.mackeeper.com *.hotjar.com ws://*.hotjar.com wss://*.hotjar.com *.g.doubleclick.net *.lcidc.liadm.com *.google-analytics.com *.api.ipify.org *.mc.yandex.ru mc.yandex.ru *.data.ad-score.com *.baidu.com *.pushdata.onesignal.com:* *.onesignal.com *.taboola.com *.hotjar.io *.clickcease.com s.yimg.com *.facebook.com *.google.com bat.bing.com sentry.cloudmccloud.com *.liadm.com *.macupdate.com https://api.account.mackeeper.com https://api.account.sz.mackeeper.com https://api-ne.mackeeper.com *.adcell.com *.clarity.ms *.lfeeder.com *.static-cdn.mackeeper.com https://crm.account.mackeeper.com https://chat-crm.account.mackeeper.com static-cdn.mackeeper.com
set-cookie: XSRF-TOKEN=eyJpdiI6IkVcLzVZNWRHQnJOSXhmaXB0WGRzMVZnPT0iLCJ2YWx1ZSI6Ik1VajBoUTJtRkJESGZkT1FUQjZJejNYWHJOZFUrc09wdE9ta3BxNllyclp0NTBXWmV5Y1JUWDdEc0diT2JCbmxsT0RwWGtsWmhxN2ZhRXZNTjN1TEFGb3ViQXRnMDdOSWdieU9Tc1dNZkU3VlV6K1Y3ajFCOE54UXRLZ1U4VmZrIiwibWFjIjoiMGI4ZTUxYWQwMzZlYjI5YzQ0MzhkMWIyZDY5ZDQ5NzU2YTAyNzllNmM0NGRkMjA3MTYzNjA4NDE5ZjE0OGUzNCJ9; expires=Thu, 20-Oct-2022 16:51:29 GMT; Max-Age=7200; path=/; secure; samesite=lax
mackeeper_session=eyJpdiI6IlVRZXZJTjVBR1pGWjBHSWlZR3NjSnc9PSIsInZhbHVlIjoiQzBtR01HRXk4MVRjMmdFcjRFRjZ3eHhwdUNlTDJUZngwazlSTmNkSGpYRFZwZmVKbjNPaUM5elljQ2lCN2p6Vk5cLzRBK1FteDJcL2NueUdraHdVeVNtaTJhR3RXZlZBUG83OG93MHV6RUZselFZcXZIMjNxVXpKeHF0RmJFZVRONSIsIm1hYyI6ImQwOTBhNTgwNzE3ZmVjZWQzMDA5OWE3ZjU5NGU3MjE1ZDRkMGE4ZjdhZTBiN2JjODJmOGMxMmM3MjBjNDkwNDcifQ%3D%3D; expires=Thu, 20-Oct-2022 16:51:29 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
country=NO; expires=Tue, 18-Apr-2023 14:51:29 GMT; Max-Age=15552000; path=/; domain=.mackeeper.com; secure; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: : allow-from https://www.youtube.com https://giphy.com https://vimeo.com https://mackeeper.com https://www.slideshare.net
expect-ct: max-age=60
content-encoding: gzip
request-id: 113a572a2749faad5141499a79296616
X-Firefox-Spdy: h2

sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js

143.204.55.84

200 OK

0 B

URL HTTP/2
sc.lfeeder.com/lftracker_v1_ywVkO4XWPeW7Z6Bj.js
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lftracker_v1_ywVkO4XWPeW7Z6Bj.js HTTP/1.1
Host: sc.lfeeder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 20 Oct 2022 09:29:36 GMT
x-amz-version-id: ITqgO9ELHxvwt2xHFpWEbQUcw8uIiuvx
server: AmazonS3
content-encoding: gzip
date: Thu, 20 Oct 2022 14:12:24 GMT
cache-control: max-age=3600
etag: W/"6fa0006a6525677a49c8de289a869036"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CoGbmmDKEh0m8-JEK_tjnwm2UPcjJaiF0ec2jzZddGmEd4fZHWCpNw==
age: 2363
X-Firefox-Spdy: h2

www.dwin1.com/23738.js

143.204.55.32

200 OK

0 B

URL HTTP/2
www.dwin1.com/23738.js
IP
143.204.55.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /23738.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 10:19:43 GMT
x-amz-version-id: 9GYo5hJWkotP40DIJz.odQcu8JPBpP_7
server: AmazonS3
content-encoding: gzip
date: Thu, 20 Oct 2022 14:46:59 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"04a63f0a2836817ce6045d6b4bea866b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Exy6u8AFgI3I7eBpmP34WCKZnaOtAdT4Yf1oNpcS0Fn9xy9ZuGavDA==
age: 432
X-Firefox-Spdy: h2

in.hotjar.com/api/v2/client/sites/190484/visit-data?sv=7

18.203.27.16

200 OK

0 B

URL HTTP/2
in.hotjar.com/api/v2/client/sites/190484/visit-data?sv=7
IP
18.203.27.16:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/client/sites/190484/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 148
Origin: https://app2.mackeeperaff.com
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 20 Oct 2022 14:51:31 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

www.clarity.ms/tag/uet/36002432

13.107.213.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/uet/36002432
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/uet/36002432 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=f0cb3be7b85c4a7bb2c5f0fbb510473a.20221020.20231020; expires=Fri, 20 Oct 2023 14:51:31 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0c2BRYwAAAAA4TPFCB2VJSYKfEo4CuCHgU1ZHMjBFREdFMDYwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 20 Oct 2022 14:51:31 GMT
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

0 B

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:0
ASN
#203220 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MLGWIHN01riQTctcQmioQZIhARnKU4tWQjU9VAjp3doGJGBgsjT/YTeAprodpZRIea5RN/JZAEg=
x-amz-request-id: KJ51CF4E3V9KHP2V
date: Thu, 20 Oct 2022 14:51:01 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 31
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/privacy-three.svg

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/privacy-three.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/svg/landings/225/privacy-three.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:03 GMT
etag: W/"c8f8481e4694470f0b9d13007ae87187"
cache-control: public, max-age=604800
x-amz-version-id: PWoPwjhbTptOw5hq_kbiYuHCVesNdiKa
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dKSEMxNkEJltxaXgDCuuoAElkukJTIgEqrb3prOrdjPj84JvrRWqaQ==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_three.svg

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/soft_three.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/svg/landings/225/soft_three.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 19 Oct 2022 09:20:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:03 GMT
etag: W/"1e8437e5f03b2dcd725fcf19c843ede9"
cache-control: public, max-age=604800
x-amz-version-id: OC8eg5jWgGpeP7bzVxClAk4oit18TnEB
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9H4eLUXG0geah7x2PMiOMzDDEjWb_u_3LDUu8D8s037RvhxJbQ_8dA==
age: 106278
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/downloads.svg

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/svg/landings/225/downloads.svg
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/svg/landings/225/downloads.svg HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 19 Oct 2022 09:20:19 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2022 08:45:04 GMT
etag: W/"03b2302fb772ce4d148b0099da4362f0"
cache-control: public, max-age=604800
x-amz-version-id: .qbW5DOthVWv1c0JYt1poeeBkSkCnGfS
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3NRnHWYkcXSs829pooRLd759QU9T4Kc8Hx4m6tT3Q3rnCHxLVso7TQ==
age: 106271
X-Firefox-Spdy: h2

static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?1706ac1b0b33a225018b

54.230.111.78

200 OK

0 B

URL HTTP/2
static-cdn.mackeeper.com/mk-land/dist/default/script.min.js?1706ac1b0b33a225018b
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mk-land/dist/default/script.min.js?1706ac1b0b33a225018b HTTP/1.1
Host: static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 19 Oct 2022 08:49:38 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 08:53:51 GMT
etag: W/"3c7ecd3bbc051c9d58e97691b50ec183"
cache-control: public, max-age=604800
x-amz-version-id: o1ARDtX94834dnRNyRmhv138jjvDSbDi
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QCF6kve8nVsl0ldONaVjOi2k1b-SA-e0SUMEcXKdey7FZvEPJ_nUTQ==
age: 108112
X-Firefox-Spdy: h2

b-code.liadm.com/a-015g.min.js

143.204.55.54

200 OK

0 B

URL HTTP/2
b-code.liadm.com/a-015g.min.js
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /a-015g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app2.mackeeperaff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 20 Oct 2022 04:33:42 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1JKBxM4ZGyrB8wCOe6OEDJKv2t8ce4XyEazrGHnLwCxj1nwFqdAQdA==
age: 37068
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations